UK's Cyber Security and Resilience Bill makes Parliamentary debut

UK government introduced the Cyber Security and Resilience (CSR) Bill to Parliament today, marking a significant overhaul of local cybersecurity legislation to sharpen the security posture of the most critical sectors.

First teased during the 2024 King's Speech, the Cyber Security and Resilience (CSR) Bill builds on the NIS 2018 regulations. While largely unchanged from the draft revealed by former tech secretary Peter Kyle in April, it now confirms datacenters will fall under the new regulations - an expected move after they were designated critical national infrastructure in September 2024.

Prior to the bill's introduction to Parliament today, the Department for Science, Technology and Innovation (DSIT) stated: "Datacenters keep the UK running, from patient records and payments to email services and AI development. The bill will bring them into scope of the regulations, ensuring they meet robust cybersecurity standards."

Managed service providers (MSPs) will also be covered by the ...