
UK Introduces Cyber Security and Resilience Bill to Strengthen National Defenses

2 unique sources, 5 articles

Summary


The UK government has introduced the Cyber Security and Resilience Bill, aiming to upgrade the 2018 NIS Regulations and bolster national cyber defenses. The bill proposes stricter security requirements for essential services, expanded incident reporting, and enhanced regulatory powers. It also includes new regulations for managed service providers and critical suppliers, with tougher penalties for serious offenses. The legislation follows multiple high-profile breaches and aims to address growing cyber threats, including those from AI and unsupported equipment. It targets annual damages of nearly £15 billion ($19.6 billion) from cyberattacks: the average significant cyberattack costs over £190,000, totaling roughly £14.7 billion each year. The National Cyber Security Centre (NCSC) reported a 130% increase in "nationally significant" cyber incidents in 2025 compared to 2024. The Technology Secretary will have the authority to direct regulators and organizations to take actions when national security is threatened. Additionally, the House of Commons Business and Trade Committee has called for legislation to mandate the Software Security Code of Practice and proposed tax relief for businesses investing in cybersecurity measures. The Committee's report argues for making software developers liable for avoidable vulnerabilities and introducing mandatory cyber-incident reporting to build a clearer national threat picture.

Timeline

  1. 25.11.2025 12:45 3 articles · 2d ago

    House of Commons Committee Calls for Enhanced Economic Security Measures

    The House of Commons Business and Trade Committee published a report titled 'Toward a new doctrine for economic security', highlighting the growing risks of economic warfare and cyber-threats to the UK. The report cited cyber-threats over 100 times, emphasizing their impact on critical national infrastructure (CNI), private companies, and institutions. The committee recommended introducing legislation to mandate the Software Security Code of Practice and empower enforcement agencies to monitor compliance. They also proposed allowing businesses to claim tax relief on IT services that enhance operational resilience, including cybersecurity software and data protection solutions, and suggested consulting on proposals for a mandatory cyber-incident reporting regime. The report argues that voluntary measures are insufficient and recommends making software developers liable for avoidable vulnerabilities, incentivizing greater investment in cyber-resilience, and introducing mandatory cyber-incident reporting to build a clearer national threat picture.

  2. 12.11.2025 11:40 4 articles · 15d ago

    UK Introduces Cyber Security and Resilience Bill to Parliament

    The UK government has introduced the Cyber Security and Resilience Bill, proposing stricter security requirements for essential services, expanded incident reporting, and new regulations for managed service providers. The bill aims to address recent cyber threats and breaches, including ransomware attacks on critical infrastructure and state-sponsored cyber-espionage efforts. The bill also includes turnover-based penalties for serious breaches and grants the Technology Secretary authority to direct actions when national security is threatened. Additionally, the House of Commons Business and Trade Committee has called for legislation to mandate the Software Security Code of Practice and proposed tax relief for businesses investing in cybersecurity measures. The National Cyber Security Centre (NCSC) reported a 130% increase in "nationally significant" cyber incidents in 2025 compared to 2024, underscoring the urgent need for enhanced cybersecurity measures.


Similar Happenings

UK Mobile Carriers to Block Spoofed Phone Numbers in Fraud Crackdown

Britain's largest mobile carriers have agreed to upgrade their networks to block spoofed phone numbers within a year. This initiative, part of the new Telecoms Charter, aims to combat fraud by preventing scammers from impersonating trusted entities. The upgrades will also include advanced call tracing technology to assist law enforcement in tracking down fraudsters. The carriers involved include BT EE, Virgin Media O2, Vodafone Three, Tesco Mobile, TalkTalk, and Sky. The agreement also includes commitments to improve support for scam victims and enhance data sharing with police. The UK government reports that 96% of mobile users check caller ID before answering, and three-quarters block calls from unknown international numbers, highlighting the need for this initiative.

Increased Physical and Cyber Threats to US Power Grid

The US power grid faces escalating physical and cyber threats. Grid operators are urged to integrate cybersecurity and physical security strategies. Cyberattacks on utilities rose 69% in 2024, while physical attacks increased 71% in 2022. Both threat types are driven by various factors, including geopolitical tensions and the expanding attack surface due to grid modernization. The convergence of IT, OT, and physical security is crucial for protecting critical infrastructure. Industry experts and regulators emphasize the need for unified security strategies to mitigate risks and ensure continuous service.

UK NCSC Reports Significant Increase in Nationally Significant Cyber Incidents

The UK’s National Cyber Security Centre (NCSC) reported 204 “nationally significant” cyber incidents between September 2024 and August 2025, representing a 130% increase from the previous year. The NCSC received 1727 incident tips, with 429 elevated to incidents requiring support. Recent high-profile attacks on Marks & Spencer, the Co-op Group, and Jaguar Land Rover highlighted the real-world impact of cyber threats. The NCSC emphasized the need for urgent action from business leaders to enhance cybersecurity defenses. The UK government has urged senior executives to better prepare for cyber-attacks, noting that cybersecurity has been a concern for middle management for too long. The NCSC's 2025 Annual Review included a letter from the CEO of the Co-op Group, emphasizing the responsibility of senior leaders in protecting their businesses. The NCSC launched the Cyber Action Toolkit to help small organizations improve their cyber defenses.

Manufacturing Sector Continues to Face Heightened Ransomware Threats

Manufacturing remains the top target for ransomware attacks, accounting for 22% of all reported incidents between April 2024 and March 2025. The sector's critical role in global supply chains makes it an attractive target for attackers who exploit security gaps and leverage AI to enhance their tactics. Recent high-profile incidents, such as the attack on Jaguar Land Rover, highlight the severe disruption and financial losses caused by these attacks. The manufacturing industry's reliance on legacy systems and the convergence of IT and OT environments create significant security challenges. Experts emphasize the need for robust patch management, network segmentation, and proactive third-party risk management to mitigate these threats.

CISA Emergency Directive 25-03: Mitigation of Cisco ASA Zero-Day Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has **reiterated urgent warnings** to U.S. federal agencies after discovering that some organizations incorrectly applied updates for **CVE-2025-20333** and **CVE-2025-20362**, leaving devices marked as 'patched' but still vulnerable to active exploitation. CISA confirmed it is tracking ongoing attacks targeting unpatched Cisco ASA and Firepower devices within Federal Civilian Executive Branch (FCEB) agencies, with over **30,000 devices** remaining exposed globally, down from 45,000 in early October. The vulnerabilities enable unauthenticated remote code execution, unauthorized access to restricted endpoints, and denial-of-service (DoS) attacks. They have been linked to the **ArcaneDoor campaign**, a state-sponsored group active since at least July 2023, which has deployed malware like **RayInitiator** and **LINE VIPER**, manipulated ROM for persistence, and forced devices into reboot loops. CISA’s **Emergency Directive 25-03**, issued in September 2025, requires federal agencies to account for all affected devices, disconnect end-of-support systems, and apply minimum software versions. The directive also introduced the **RayDetect scanner** to detect compromise evidence in ASA core dumps. Recent findings reveal the same threat actor also exploited **CVE-2025-5777 (Citrix Bleed 2)** and **CVE-2025-20337 (Cisco ISE)** as zero-days, deploying a custom web shell ('IdentityAuditAction') with advanced evasion techniques. The campaign’s indiscriminate targeting and multi-platform exploitation underscore the adversary’s broad capabilities and access to sophisticated tools.