The UK's Cyber Security and Resilience Bill excludes central and local government despite 40% of NCSC-managed attacks targeting the public sector. Critics argue this exemption undermines the legislation's effectiveness, especially given recent high-profile breaches like the Legal Aid Agency and Foreign Office incidents. While ministers promise equivalent standards through a separate Cyber Action Plan, experts note this lacks legal enforcement. The government suggests future sector-specific legislation may address public sector security, but the current approach raises questions about its commitment to protecting government systems from increasingly common cyberattacks.

7m read timeFrom go.theregister.com
Post cover image

Sort: