The Cyber Security and Resilience Bill

The Cyber Security and Resilience Bill will introduce some of the most significant changes to UK cyber regulation for almost 10 years.

It includes significant expansions in both the range of organisations in scope of the existing NIS Regulations 2018, and the requirements they are expected to meet. Moving beyond 'traditional' critical infrastructure and the high-level expectations set out in existing cyber regulation, the Bill marks a step change in the UK Government's approach and will have significant impacts for a large number of organisations.

Key amongst these newly regulated entities will be the supply chain into operators of essential services, including the Energy, Infrastructure, Water, Health and Digital Infrastructure sectors. Data Centre operators and Managed Service Providers will be regulated for the first time. The changes will also place increased focus on the cyber-security and assurance provisions that in scope organisations flow down through relevant supply chains and how compliance with those provisions are monitored and enforced.

This strategic webinar will bring together legal and technical experts from Pinsent Masons and Bridewell to dissect the Bill and the changes it will introduce. We will examine the implications for both existing Operators of Essential Services, and the significant range of new organisations that will find themselves in scope, and how organisations can begin preparing themselves for the new regime. Key topics will include:

• Incident reporting requirements
• Supply chain engagement on cyber-readiness and monitoring and enforcing supply chain compliance
• Contracting for resilience: trends and effective contractual approaches to enable a cyber-ready supply chain
• Interactions with global cyber regulations for multinational organisations
• What's likely to follow from the Government once the Bill becomes law.

Attendees across critical national infrastructure sectors will gain a clear understanding of the changes the Bill is making and what their organisations can do now to prepare, including approaches to fostering collaboration between legal, compliance and cyber teams, and Board engagement.