Ministers promise equivalent standards just without the legal obligation

ANALYSIS From May's cyberattack on the Legal Aid Agency to the Foreign Office breach months later, cyber incidents have become increasingly common in UK government.

The scale extends far beyond these high-profile cases: the NCSC reports that 40 percent of attacks it managed between September 2020 and August 2021 targeted the public sector, a figure expected to grow.

Given this threat landscape, why does the UK's flagship Cyber Security and Resilience (CSR) Bill exclude both central and local government?

Sir Oliver Dowden, former digital secretary and current shadow deputy PM, led calls in the House of Commons this week urging Labour to rethink its stance on excluding central government from the Cyber Security and Resilience (CSR) Bill.

"I would just urge the minister, as this bill passes through Parliament, to look again at that point, and I think there is a case for putting more stringent requirements on ...