UK Cyber Security and Resilience Bill Expands Critical Infrastructure Protections
The UK government has introduced the Cyber Security and Resilience (CSR) Bill to Parliament, representing a major update to national cybersecurity legislation. The bill expands the scope of regulated entities to include datacenters and managed service providers (MSPs), in addition to existing coverage of operators of essential services such as healthcare, energy, transport, water, and digital service providers. The legislation aims to ensure these sectors meet robust cybersecurity standards, with new rules also extending to organizations overseeing smart appliances like electric vehicle charging points and smart heating systems.
The CSR Bill grants ministers emergency powers to intervene during major cyber incidents and imposes stricter compliance requirements, including mandatory reporting of significant cyber incidents within 24 hours. Non-compliant organizations face substantial penalties, including daily fines up to £100,000 or turnover-based penalties, marking a shift toward enforcement that scales with organizational impact. The bill is expected to receive Royal Assent in 2026 and is positioned as a key component of the UK’s strategy to strengthen national resilience and protect critical infrastructure from evolving cyber threats.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
Bill proposes broader scope, faster reporting, and stronger enforcement
The proposed law would bring managed service providers, data centers, digital infrastructure providers, and key supply-chain entities under direct oversight, while requiring significant incidents to be reported within 24 hours and followed by a fuller report within 72 hours. It also gives regulators stronger enforcement powers, including turnover-based penalties and emergency intervention powers for ministers during major cyber incidents.
UK introduces Cyber Security and Resilience Bill to Parliament
The British government introduced the Cyber Security and Resilience Bill to Parliament to strengthen cybersecurity requirements for critical infrastructure and essential services. The legislation expands regulation beyond the previous NIS framework and is presented as a response to recent high-profile cyber incidents affecting the UK.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
9 references tracked. Mallory keeps watching after this page renders.
Five takeaways from the UK’s Cyber Security & Resilience Bill
intigriti.com
Open sourceDraft UK Cyber Security and Resilience Bill Enters UK Parliament
databreaches.net
Open sourceUK's Cyber Security and Resilience Bill makes Parliamentary debut
go.theregister.com
Open sourceBritish government unveils long-awaited landmark cybersecurity bill
therecord.media
Open sourceNew UK laws to strengthen critical infrastructure cyber defenses
bleepingcomputer.com
Open sourceUK Unveils Cyber Security and Resilience Bill
govinfosecurity.com
Open sourceUK Unveils Cyber Security and Resilience Bill
bankinfosecurity.com
Open sourceUK cybersecurity bill brings tougher rules for critical infrastructure
csoonline.com
Open sourceUK’s new Cyber Security and Resilience Bill targets weak links in critical services
helpnetsecurity.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Legislative Efforts to Strengthen Cybersecurity Regulations for Critical Infrastructure
Lawmakers in both the United States and the United Kingdom are advancing significant legislative measures aimed at bolstering cybersecurity protections for critical infrastructure and regulatory agencies. In the US, a bipartisan bill known as the SEC Data Protection Act of 2025 has been reintroduced to require the Securities and Exchange Commission (SEC) to modernize its cybersecurity protocols, implement uniform data protection policies, and align with federal and NIST best practices. The bill is a response to increasing cyberattacks on government agencies and concerns over outdated security frameworks, with the goal of ensuring the SEC can effectively prevent, detect, and respond to cyber threats while maintaining public trust in the financial system. Meanwhile, the UK government has introduced the Cyber Security and Resilience Bill to Parliament, marking a fundamental shift in the country's approach to protecting critical infrastructure. The bill addresses gaps exposed by recent high-profile breaches and brings managed service providers under regulatory oversight for the first time. It introduces eight major changes to enhance digital defenses and resilience, reflecting the evolving threat landscape and the need for updated regulations beyond the existing NIS framework. Both legislative efforts underscore a growing recognition of the need for robust, modern cybersecurity standards to safeguard sensitive information and essential services against increasingly sophisticated cyber threats.
Mar 21, 2026
Government Cybersecurity Legislation and Resilience Initiatives
Governments in the US, UK, and EU are advancing major legislative and regulatory efforts to strengthen cybersecurity and resilience across critical sectors and software supply chains. The European Union’s Cyber Resilience Act (CRA) introduces requirements for software and connected product vendors to embed security from the design phase, manage vulnerabilities throughout the product lifecycle, and deliver rapid updates, with global implications for SaaS providers and technology companies. In the UK, the new Cyber Security and Resilience Bill aims to overhaul protections for critical national infrastructure, updating the NIS Regulations and addressing the growing threat from nation-state actors, as highlighted by recent disruptive attacks on healthcare and other essential services. In the United States, Congress has reauthorized the Cybersecurity Information Sharing Act (CISA 2015) through early 2026, restoring liability protections for organizations sharing threat intelligence with the federal government and sector-specific communities. However, the Cybersecurity and Infrastructure Security Agency (CISA) faces significant staffing shortages and capability gaps, prompting calls for increased funding and new strategies to address escalating cyber threats. Collectively, these legislative and regulatory actions reflect a global trend toward more robust, proactive, and coordinated approaches to cyber resilience and critical infrastructure protection.
Mar 21, 2026
Surge in Nationally Significant Cyberattacks in the United Kingdom
The United Kingdom has experienced a dramatic increase in the number and severity of cyberattacks targeting its organizations, as highlighted in the National Cyber Security Centre's (NCSC) latest annual review. Over the past year, the NCSC incident management team responded to 429 cyberattacks, a figure nearly identical to the previous year, but the proportion of attacks classified as 'nationally significant' rose sharply to 204, representing a 48% increase. The number of 'highly significant' attacks, which have a serious impact on central government, essential services, or a large segment of the population, also increased by 50%, reaching 18 incidents. These highly significant attacks are just one step below a national cyber emergency and require coordinated responses from senior government officials and law enforcement. The NCSC categorizes incidents on a six-level scale, with the most severe being those that disrupt critical services or threaten national security. The government has responded to this surge by issuing direct communications to chief executives and business leaders, urging them to take concrete steps to bolster their cyber resilience. This includes the recommendation to maintain physical, offline copies of cyberattack contingency plans, as digital systems may be rendered inaccessible during an incident. The advice comes in the wake of high-profile attacks on major UK companies such as Marks and Spencer, The Co-op, and Jaguar Land Rover, which resulted in empty shelves and halted production lines due to IT system outages. The attack on Jaguar Land Rover, in particular, was described as an economic security incident, with prolonged disruption threatening the government's economic growth objectives. The NCSC's annual review emphasizes the need for organizations to adopt resilience engineering strategies, focusing on the ability to anticipate, absorb, recover, and adapt to cyber threats. Firms are encouraged to plan for operations without IT systems and to develop alternative communication methods in the event of a cyberattack. The review also notes that while the overall number of incidents handled by the NCSC has remained stable, the increasing severity and sophistication of attacks pose a growing threat to national security and economic stability. The British government is taking a proactive stance by alerting industry leaders to the heightened risk environment and the necessity of robust cyber defense measures. The NCSC's chief executive, Richard Horne, has underscored that cybersecurity is now a matter of business survival and national interest. The review's findings have prompted calls for greater collaboration between government, industry, and academia to address the evolving threat landscape. The rise in significant cyberattacks is attributed to more intense, frequent, and sophisticated hostile activity targeting British businesses and critical infrastructure. The NCSC's categorization system helps prioritize response efforts and ensures that the most severe incidents receive the necessary attention and resources. The government’s outreach to business leaders is intended to drive home the urgency of preparing for cyber incidents that could have far-reaching consequences. The review also highlights the importance of learning from recent incidents to improve future response and recovery efforts. Organizations are advised to regularly test and update their contingency plans, ensuring that they are practical and accessible in a crisis. The NCSC continues to provide guidance and support to organizations across the UK, aiming to strengthen the country's overall cyber resilience. The increase in nationally significant and highly significant attacks marks the third consecutive year of rising severity, signaling a persistent and escalating threat. The government’s message is clear: cyberattacks are not just an IT issue but a critical risk to business continuity and national prosperity. The NCSC’s annual review serves as both a warning and a call to action for all sectors to prioritize cybersecurity and resilience in the face of mounting cyber threats.
Mar 21, 2026