The UK’s much anticipated Cyber Security and Resilience Bill is presented to the UK parliament this morning, after losses from cyberattacks estimated at £14.7bn per year.
The UK government introduces the Cyber Security and Resilience Bill to parliament for its first reading today (12 November), proposing tough new laws to increase UK defences against cyberattacks, in order to better protect critical public services such as transport, utilities and the NHS.
It comes at a time when the Office for Budget Responsibility has estimated that a cyberattack on critical national infrastructure could temporarily increase borrowing by more than £30bn or 1.1pc of UK GDP.
The government also pointed to independent research published today which showed the average cost of a significant cyberattack in the UK is now more than £190,000, amounting to around £14.7bn a year across the economy or around 0.5pc of UK GDP.
UK Science, Innovation, and Technology secretary Liz Kendall said the legislation would send cybercriminals a clear message that the UK is “no easy target”.
“We all know the disruption daily cyberattacks cause,” she said. “Our new laws will make the UK more secure against those threats. It will mean fewer cancelled NHS appointments, less disruption to local services and businesses, and a faster national response when threats emerge.
“The real-world impacts of cyberattacks have never been more evident than in recent months, and at the NCSC we continue to work round the clock to empower organisations in the face of rising threats,” said National Cyber Security Centre (NCSC) CEO Dr Richard Horne.
“We’ve seen cyberattackers increasingly target supply chains and managed service providers in recent years, including vital institutions like the NHS and the Ministry of Defence,” said Jill Popelka, CEO of cybersecurity firm Darktrace.
“It’s promising to see the Bill recognise the risk across the digital ecosystem. It’s also good to see the government’s focus on future-proofing the regulatory environment for cybersecurity and creating a stronger role for NCSC’s Cyber Assessment Framework. These changes will help give organisations more confidence to adopt new technologies while staying prepared for the next evolution in threats.”
The Bill comes after a torrid year or two for cyberattacks in the UK, with a major attack on Transport for London in 2024, as well as high-profile attacks on iconic brands such as Marks and Spencer, Harrods and Victoria’s Secret during 2025.
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
