UK cyber bill would add regulatory duties for data centers, services providers

( November 12, 2025, 14:18 GMT | Official Statement) -- MLex Summary: The UK government’s cyber security bill would add regulatory requirements for data centers and managed service providers, and give the UK privacy regulator wider powers over cyber resilience. The Cyber Security and Resilience (Network and Information Systems) Bill, which was introduced on Wednesday, would also broaden reportable incidents to include pre-positioning and ransomware, and require companies to file an initial report within 24 hours and a full report within 72 hours. The bill must be passed by the UK parliament to become law.Proposed bill and explanatory notes attached. ...

Prepare for tomorrow’s regulatory change, today

MLex identifies risk to business wherever it emerges, with specialist reporters across the globe providing exclusive news and deep-dive analysis on the proposals, probes, enforcement actions and rulings that matter to your organization and clients, now and in the longer term.

Know what others in the room don’t, with features including:

Daily newsletters for Antitrust, M&A, Trade, Data Privacy & Security, Technology, AI and more
Custom alerts on specific filters including geographies, industries, topics and companies to suit your practice needs
Predictive analysis from expert journalists across North America, the UK and Europe, Latin America and Asia-Pacific
Curated case files bringing together news, analysis and source documents in a single timeline

Experience MLex today with a 14-day free trial.

Start Free Trial

Already a subscriber? Click here to login

UK cyber bill would add regulatory duties for data centers, services providers

Prepare for tomorrow’s regulatory change, today

Documents

Related Sections