Relevant digital service providers
Why linked: Relevant digital service providers explanatory note — concept definition for RDSPs.
In response to: Cyber Security and Resilience (Network and Information Systems) Bill: factsheets
The Department for Digital, Culture, Media & Sport and Department for Science, Innovation and Technology are jointly leading policy on cyber security incentives and regulation to protect critical national infrastructure and promote economic growth. The McPartland review examines the relationship between cyber security and economic growth, while government monitors threats from nation states and criminal actors. This active policy addresses both defensive measures and incentive structures for private sector cyber resilience.
Why linked: Relevant digital service providers explanatory note — concept definition for RDSPs.
In response to: Cyber Security and Resilience (Network and Information Systems) Bill: factsheets
Why linked: PQ on companies paying ransoms — directly on the regulatory/incentives question.
To ask the Secretary of State for Science, Innovation and Technology, what assessment her Department has made of the proportion of companies paying ransoms to hackers following cyber-attacks; and what steps her Department is taking to improve cybersecurit
Why linked: PQ on support to small businesses to strengthen cybersecurity — incentives-side question.
To ask the Secretary of State for Science, Innovation and Technology, if she will set out what support is available to small businesses to strengthen cybersecurity to prevent economic disruption.
Why linked: PQ on aligning Cyber Essentials with insurance industry standards — directly on-thread incentives question.
To ask the Secretary of State for Science, Innovation and Technology, if she will take steps to align the National Cyber Security Centre’s Cyber Essentials certification with the insurance industry’s standards to protect organisations against cyber risk,
Why linked: PQ on mandatory minimum cyber resilience standards for strategic sectors — directly on-thread.
To ask the Secretary of State for Science, Innovation and Technology, what consideration she has given to the potential merits of introducing mandatory minimum cyber resilience standards for strategically important firms and supply chains.
Why linked: PQ on incident reporting criteria in the Cyber Security and Resilience Bill.
To ask the Secretary of State for Science, Innovation and Technology, what assessment he has made of the adequacy of the Cyber Security and Resilience Bill's incident reporting criteria for capturing novel failure modes arising from autonomous or adaptive
Why linked: PQ on investment in cyber security research to protect UK businesses.
To ask the Secretary of State for Science, Innovation and Technology, whether she plans to increase investment in cyber security research to protect UK businesses and public services.
Why linked: PQ on cyber governance regulations and business growth impact.
To ask the Secretary of State for Science, Innovation and Technology, what assessment she has made of the potential impact of cyber governance regulations on business growth in (a) Yeovil constituency, (b) Somerset, and (c) England.
Why linked: PQ on Cyber Security and Resilience (NIS) Bill — directly on the Bill.
To ask the Secretary of State for Science, Innovation and Technology, with reference to the Cyber Security and Resilience Bill (Network and Information Systems) Bill, a) what estimate she had made of the shortage of the cybersecurity skills which will …
Statement of intent between the Government of the United Kingdom of Great Britain and Northern Ireland and the Government of the Federal Republic of Nigeria.
The March 2026 edition of the DSIT cyber security newsletter.
Why linked: PQ on progress implementing remaining provisions of the PSTI Act.
To ask the Secretary of State for Science, Innovation and Technology, what progress has been made on the implementation of the remaining provisions of the Product Security and Telecommunications Infrastructure Act.
Why linked: PQ confirming section 70 PSTI Act 2022 remains uncommenced as of March 2026.
To ask the Secretary of State for Science, Innovation and Technology, what assessment her Department has made of the commencing Section 70 of the Product Security and Telecommunications Infrastructure Act 2022.
Why linked: Software Security Ambassadors Scheme operational documentation.
Software Security Ambassadors Scheme operational documentation.
In response to: Software Security Ambassadors Scheme
A scheme to champion secure software development and support a resilient cyber ecosystem.
Why linked: Filled the "Cyber security skills and workforce development initiatives" gap via web research
In response to: Cyber security skills in the UK labour market 2025
Why linked: Minister Lloyd's speech at the Software Security Ambassadors Scheme launch — direct ministerial position.
Liz Lloyd, Minister for the Digital Economy, spoke at the launch of the Software Security Ambassadors Scheme on 15 January 2026.
The December 2025 edition of the DSIT cyber security newsletter.
The June 2025 edition of the DSIT cyber security newsletter.
Why linked: Cyber security codes of practice landing page — operational frame for the codes.
This page brings together the government's codes of practice for cyber security. It explains who they are aimed at and how they align with Cyber Essentials.
Why linked: PAC evidence session on cyber resilience of Government taken from Cabinet Office and DSIT (May 2025).
On the basis of a report by the Comptroller and Auditor General, we took evidence from the Cabinet Office and the Department for Science, Innovation and Technology (DSIT) on the cyber resilience of Government.1 Type: conclusion | Number: 1 | …
Why linked: PQ on governance arrangements for Cyber Local fund in Northern Ireland — directly on a programme on the thread.
To ask the Secretary of State for Science, Innovation and Technology, what governance arrangements are in place for the Cyber Local fund in Northern Ireland; and what steps he plans to take to allow local groups in Northern Ireland to …
The April 2025 edition of the DSIT cyber security newsletter.
Cyber Local is the government's programme to deliver tailored support for the cyber security sector across the regions.
Why linked: PQ on UK contingency plans for quantum cyber threats.
To ask the Secretary of State for Science, Innovation and Technology, what assessment he has made of the adequacy of the UK's contingency plans to tackle quantum cyber threats; and if he will conduct a comparative assessment on the effectiveness …
Why linked: PQ on quantum computing threat to cybersecurity infrastructure — forward scope question.
To ask the Secretary of State for Science, Innovation and Technology, what steps he is taking to help tackle the threat posed by quantum computing to cybersecurity infrastructure.
Why linked: PQ on impact of AI by cyber-criminals and nation state actors — adjacent to incentives/regulation framing.
To ask the Secretary of State for Science, Innovation and Technology, what assessment he has made of the potential impact of the increased use of AI by (a) cyber-criminals and (b) nation state actors on cyber security risks to the …
Why linked: PQ on AI-enabled and other cyber attacks on economic security.
To ask the Secretary of State for Science, Innovation and Technology, what assessment he has made of the potential impact of (a) AI-enabled and (b) other cyber attacks on economic (i) security and (ii) competitiveness.
Why linked: PQ on Cyber Security and Resilience Bill provisions for regulated organisations.
To ask the Secretary of State for Science, Innovation and Technology, whether he plans to include provisions within the Cyber Security and Resilience Bill on requiring regulated organisations to adopt cybersecurity to help tackle AI-enabled threats.
Why linked: PQ on whether the Cyber Security and Resilience Bill will cover data centres.
To ask the Secretary of State for Science, Innovation and Technology, whether the Cyber Security and Resilience Bill will ensure that data centres are (a) secure and (b) resilient.
Why linked: PQ on effectiveness of cyber security laws and supporting regulatory guidance.
To ask the Secretary of State for Science, Innovation and Technology, what assessment he has made of the effectiveness of (a) cyber security laws and (b) supporting regulatory guidance in preventing supply chain attacks on critical (i) services and (ii) …
Why linked: PQ on impact of Part 2 of PSTI Act 2022 — directly on the consumer products regime.
To ask the Secretary of State for Science, Innovation and Technology, what assessment his Department has made of the potential impact of Part 2 of the Product Security and Telecommunications Infrastructure Act 2022 on the rollout of 5G.
This diagram shows how the five cyber security codes of practice apply to different organisations and technologies.
The March 2025 edition of the DSIT cyber security newsletter.
The February 2025 edition of the DSIT cyber security newsletter.
Why linked: PQ on Cyber Security and Resilience Bill public-sector protection.
To ask the Secretary of State for Science, Innovation and Technology, what steps his Department is taking to ensure that the public sector is adequately protected under the forthcoming Cyber Security and Resilience Bill, and whether he plans to extend …
Why linked: PQ on incentives and funding mechanisms for cyber security — directly on-thread.
To ask the Secretary of State for Science, Innovation and Technology, whether his Department plans to introduce (a) incentives and (b) funding mechanisms to encourage businesses and public sector organisations to comply with strengthened cybersecurity req
Feedback from a call for views on the code of practice for software vendors, and the government's response.
Why linked: Correspondence from SoS DSIT on publication of government response on related cyber matters.
Direction: unknown
Why linked: Correspondence from SoS DSIT relating to the publication of the Government response to the McPartland Review.
Direction: unknown
The International Coalition on Cyber Security Workforces is working to develop and maintain skilled cyber security workforces.
A list of Cyber Local projects which received funding in 2025.
The November 2024 edition of the DSIT cyber security newsletter.
The December 2024 edition of the DSIT cyber security newsletter.
A joint statement on how the UK's leading banks are working with the government to expand the role of Cyber Essentials and improve supply chain cyber security.
The October 2024 edition of the DSIT cyber security newsletter.
The September 2024 edition of the DSIT cyber security newsletter.
The August 2024 edition of the DSIT cyber security newsletter.
Why linked: Correspondence from SoS DSIT on Call for Views on Cyber Security of AI — AI Cyber Security Code precursor.
Direction: unknown
The April 2024 edition of the monthly DSIT cyber security newsletter.
Why linked: Enforcement management model: transport sector — direct guidance on NIS enforcement options.
Helps operators of essential services understand the enforcement options under the Network and Information Systems Regulations (2018) and how DfT will apply these within the transport sector.
Why linked: PQ on reviewing regulatory oversight and promoting good practice — directly on the regulation-of-cyber question.
To ask the Secretary of State for Science, Innovation and Technology, if she will make an assessment of the potential merits of (a) reviewing regulatory oversight of and (b) promoting good practice by the telecoms industry.
Why linked: Correspondence relating to the McPartland review of cyber security and economic growth.
Direction: unknown
Why linked: Filled the "McPartland Review on cyber security and economic growth" gap via web research
The McPartland Review of Cyber Security and Economic Growth was seeking views and evidence to inform its work.
The February 2024 edition of the monthly DSIT cyber security newsletter.
The government has asked the Rt Hon Stephen McPartland MP to conduct an independent review into cyber security as an enabler of economic growth.
Why linked: PQ on implementation of sections 61–65 and remaining provisions of the PSTI Act.
To ask the Secretary of State for Science, Innovation and Technology, when she will implement (a) Section 61 to 65 and (b) the remaining provisions of the Product Security and Telecommunications Infrastructure Act 2022.
Why linked: PQ on Ofcom monitoring compliance by network operators — adjacent to telecoms security carve-out.
To ask the Secretary of State for Science, Innovation and Technology, if she will make an assessment of the potential merits of instructing Ofcom to (a) monitor compliance by (i) network operators and (ii) contractors using Openreach ducts and (b) …
Why linked: PQ on security of network infrastructure and preventing unauthorised access — NIS scope.
To ask the Secretary of State for Science, Innovation and Technology, what steps her Department is taking to (a) ensure the security of network infrastructure and (b) prevent unauthorised access to fibre lines during the (i) installation and (ii) utilisat
The December 2023 edition of the monthly DSIT cyber security newsletter.
Call for Information on the uses and security of Private Telecommunications Networks within the UK.
We’re seeking views on the opportunities for connected digital twins and other advanced cyber-physical systems to enable a national capability in CPI.
The November 2023 edition of the monthly DSIT cyber security newsletter.
This code of practice sets out minimum security and privacy requirements for app store operators and app developers.
Why linked: Implementation of NIS Regulations 2018 for the energy sector in Great Britain — sector implementation guidance.
High level policy principles for compliance with the Network and Information Systems (NIS) Regulations 2018, for operators in energy sector.
Why linked: NIS Regulations 2018: health sector guide — direct operational guidance for an OES sector.
A guide for designated operators of essential services for healthcare in England explaining the practical impact of the NIS Regulations.
Call for Information on the uses and security of Private Telecommunications Networks within the UK.
The September 2023 edition of the monthly DSIT cyber security newsletter.
Why linked: SIT Committee recommendation that responsibilities for cyber policy be unified on creation of DSIT — committee position.
The creation of the Department for Science, Innovation and Technology is an opportunity to ensure a comprehensive, joined up approach to cyber policy. We recommend that responsibilities for cyber policy is co-ordinated by the dedicated Department for Science, Innovation and …
An evaluation of the government's LORCA programme to help cyber security businesses innovate, develop and grow.
The August 2023 edition of the monthly DSIT cyber security newsletter.
The July 2023 edition of the monthly DSIT cyber security newsletter.
Call for Information on the uses and security of Private Telecommunications Networks within the UK.
The June 2023 edition of the monthly DSIT cyber security newsletter.
The February 2023 edition of the monthly DSIT cyber security newsletter.
UIN: HLWS535 I am repeating the following Written Ministerial Statement made today in the other place by my Honourable Friend, the Minister for Media, Data, and Digital Infrastructure, Julia Lopez MP:I am pleased to inform the House that the government …
The government is holding a call for views on plans to improve the security and privacy of apps and app stores.
In response to: Proposal for legislation to improve the UK’s cyber resilience
In response to: Proposal for legislation to improve the UK’s cyber resilience
The government is consulting on proposals for new laws to improve the cyber resilience of organisations which are important to the UK economy. We received a number of positive responses which are being considered. The government hopes to respond to …
Why linked: RPC opinion on NIS Regulations 2018 PIR — independent scrutiny of the post-implementation review.
Regulatory Policy Committee opinion on DCMS' Network and Information Systems Regulations 2018 PIR
Why linked: Government response on telecoms security regulations and code of practice.
Government response on telecoms security regulations and code of practice.
In response to: Proposal for new telecoms security regulations and code of practice
Why linked: Telecoms security regulations consultation outcome — defines the parallel telecoms regime carve-out.
The government is consulting on proposals for new regulations and a code of practice to improve the security and resilience of public telecoms networks and services.
Why linked: Consultation on NIS Regulations guidance for the energy sector — sector-specific implementation.
We're seeking views on proposed updates to guidance for operators in the energy sector on compliance with the Network and Information Systems Regulations 2018.
Why linked: Second Post-Implementation Review of NIS — full analysis document.
Second Post-Implementation Review of NIS — full analysis document.
In response to: Second Post-Implementation Review of the Network and Information Systems Regulations 2018
Why linked: Second Post-Implementation Review of NIS Regulations 2018 — the statutory review that drove the current Bill.
This review assesses the effectiveness of the NIS Regulations, which were introduced in 2018 to improve the security & resilience of essential & digital services.
Why linked: WMS publishing the second NIS Post-Implementation Review.
UIN: HLWS168 I am repeating the following Written Ministerial Statement made today in the other place by my Honourable Friend, the Minister for Media, Data, and Digital Infrastructure, Julia Lopez MP:Today I am publishing the statutory post-implementation review of th...
UIN: HCWS173 Today I am publishing the statutory post-implementation review of the Network and Information Systems Regulations 2018 on the Government’s website. This is the second review of the Regulations since their implementation.The Regulations came into force in ...
The government is holding a call for views on plans to improve the security and privacy of apps and app stores.
We’re seeking views on the opportunities for connected digital twins and other advanced cyber-physical systems to enable a national capability in CPI.
UIN: HCWS3 I am pleased to inform the House that the Government has published a document titled ‘Call for Views on App Security and Privacy Interventions’, which sets out proposed interventions to protect consumers from malicious and poorly developed apps.App …
UIN: HLWS2 I am repeating the following Written Ministerial Statement made today in the other place by my Honourable Friend, the Minister for Media, Data, and Digital Infrastructure, Julia Lopez MP:I am pleased to inform the House that the Government …
The government is holding a call for views on plans to improve the security and privacy of apps and app stores.
The government is conducting research to evaluate the effectiveness of its cyber security growth and innovation programmes.
The government is consulting on proposals for new laws to improve the cyber resilience of organisations which are important to the UK economy. We received a number of positive responses which are being considered. The government hopes to respond to …
The April 2022 edition of the monthly DCMS cyber security newsletter.
We’re seeking views on the opportunities for connected digital twins and other advanced cyber-physical systems to enable a national capability in CPI.
Why linked: Lords WMS on draft Telecoms Security Regulations consultation.
UIN: HLWS630 I am repeating the following Written Ministerial Statement made today in the other place by my Honourable Friend, the Minister for Media, Data, and Digital Infrastructure, Julia Lopez MP:The Government wants to ensure that the UK has world-class …
Why linked: WMS on consultation on draft Telecoms Security Regulations and Code of Practice.
UIN: HCWS646 The Government wants to ensure that the UK has world-class fixed and wireless digital infrastructure as soon as possible, unlocking the huge economic and social benefits these will bring. As we become more dependent on these technologies, their …
In response to: 2022 cyber security incentives and regulation review
The government is consulting on proposals for new laws to improve the cyber resilience of organisations which are important to the UK economy. We received a number of positive responses which are being considered. The government hopes to respond to …
This review details the progress made in improving cyber resilience in recent years and sets out further government intervention to protect organisations online
Why linked: WMS announcing the National Cyber Strategy 2022 — successor strategy.
UIN: HCWS484 I am pleased to announce the publication of the new National Cyber Strategy.This strategy builds on the significant progress made through the National Cyber Security Strategy 2016-2021 and delivers on a commitment made in the Government’s Integrated Revie...
Why linked: Government response on amending the NIS regulations (2021) — direct precursor to the Bill.
The government's response to a call for views on amending the Security of Network and Information Systems (NIS) Regulations
In response to: Call for views on supply chain cyber security
Why linked: Call for views on security of network and information systems — companion document.
Call for views on security of network and information systems — companion document.
In response to: Call for views on amending the NIS regulations
Why linked: Call for views on amending the NIS regulations — direct evidence base for the Bill.
A call for views on amending the incident reporting framework for digital service providers within the Network & Information Systems (NIS) regulations.
Why linked: PQ on plans to update the National Cyber Security Strategy — parliamentary scrutiny.
To ask Her Majesty's Government what plans they have to update the National Cyber Security Strategy, last published on 11 November 2016.
In response to: Regulating consumer smart product cyber security - government response
UIN: HCWS934 This government has ambitious plans to ensure that the increasingly diverse range of consumer products that can connect to the internet are more secure by having cyber security designed into them by default.Since 2018, the UK has been …
UIN: HLWS928 My Honourable Friend the Parliamentary Under-Secretary of State for Digital, Culture, Media and Sport, Matt Warman MP, has made the following Statement:This government has ambitious plans to ensure that the increasingly diverse range of consumer products ...
The government's response to a call for views on proposals for regulating consumer smart product cyber security.
In producing a national strategy for critical and emerging technologies, the Government should consider the security of the universities, businesses and other institutions conducting research into these technologies. Although guidance for the sector has recently been developed, the Government should
Why linked: NIS Regulations guidance for UK DSPs operating in the EU — companion cross-border guidance.
What UK digital services providers must do to comply with the regulations covering the security of network and information systems.
Why linked: NIS Regulations guidance for non-UK digital service providers — implements reg. 8A nominated representative regime.
What organisations based outside the UK offering services in the UK must do to comply with the regulations covering the security of network and information systems.
Why linked: Matched expansion phrase: National Cyber Security Strategy
The National Cyber Security Strategy 2016 to 2021 and progress so far against its strategic outcomes.
Why linked: SI 2020/1245 is a foundational statutory instrument for the regime; the attached document is the operationalising amendment of NIS 2018.
The Network and Information Systems Regulations 2018 (S.I. 2018/506) (“the 2018 Regulations”), as amended by the Network and Information Systems (Amendment) Regulations 2018 (S.I. 2018/629), implement Directive (EU) 2016/1148 of the European Parliament and of the Council concerning measures for …
Why linked: Government response to the call for views on proposed legislation amending NIS 2018 — direct precursor to SI 2020/1245.
Government response to the call for views on proposed legislation amending NIS 2018 — direct precursor to SI 2020/1245.
In response to: Call for views on proposed amendments to the Network and Information Systems Regulations
Why linked: Call for views on amending the NIS regulations 2018.
Call for views on amending the NIS regulations 2018.
In response to: Call for views on proposed amendments to the Network and Information Systems Regulations
In response to: Proposals for regulating consumer smart product cyber security - call for views
A call for views on proposals for regulating the cyber security of consumer 'smart' products ran from 16 July to 6 September 2020.
In response to: Cyber security incentives & regulation review: government response to the call for eviden…
A summary of evidence received by the government as part of the Review of Cyber Security Incentives & Regulation, plus associated research publications.
UIN: HCWS375 This government has ambitious plans to ensure the UK’s smart technology, products and services are more secure by having cyber security designed into them by default.From January 2017 to February 2018, my department conducted a review, in collaboration …
UIN: HLWS369 My Honourable Friend the Parliamentary Under Secretary of State for Digital Infrastructure:, Matt Warman MP, has made the following Statement: This government has ambitious plans to ensure the UK’s smart technology, products and services are more secure b...
In response to: Proposed changes to the Cyber Security Breaches Survey
In response to: Consultation on regulatory proposals on consumer IoT security
In response to: Consultation on regulatory proposals on consumer IoT security
Consultation on the Government’s regulatory proposals regarding consumer Internet of Things (IoT) security
A call for evidence to help improve cyber security across the UK economy.
Government response to a call for views on the proposed approach to cyber security certification following the UK’s departure from the EU.
Following EU Exit, the UK proposes to introduce a requirement for non-UK based DSPs offering services in the UK to comply with the NIS Regulations.
Why linked: Cabinet Office letter on National Cyber Security Strategy update — direct strategy correspondence.
Direction: to_committee
Following EU Exit, the UK proposes to introduce a requirement for non-UK based DSPs offering services in the UK to comply with the NIS Regulations.
Consultation on the Government’s regulatory proposals regarding consumer Internet of Things (IoT) security
Why linked: Filled the "Cyber security skills and workforce development initiatives" gap via web research
In response to: Cyber Security Skills Strategy
Consultation on the Government’s regulatory proposals regarding consumer Internet of Things (IoT) security
Following EU Exit, the UK proposes to introduce a requirement for non-UK based DSPs offering services in the UK to comply with the NIS Regulations.
The Government held a targeted consultation on the implementation of the NIS Directive and its associated Implementing Act for digital service providers.
The Department for Digital, Culture, Media & Sport (DCMS) is running a survey to gather data on the UK's cyber security industry.
Government response to feedback onSecure by Design: Improving the cyber security of consumer internet of things report published on the 7 March 2018
The Government held a public consultation on its proposals to implement the Directive on the security of Network and Information Systems (NIS Directive).
The Government held a targeted consultation on the implementation of the NIS Directive and its associated Implementing Act for digital service providers.
Why linked: NIS Regulations: Impact Assessment (2018) — baseline evidence for the original regime.
This document sets out the expected impact of the Network & Information Systems Regulations 2018.
The Government held a targeted consultation on the implementation of the NIS Directive and its associated Implementing Act for digital service providers.
Call for views on the European Commission’s proposed Regulation on ENISA, the “EU Cybersecurity Agency”, and on Cyber Security Certification.
Call for views on the European Commission’s proposed Regulation on ENISA, the “EU Cybersecurity Agency”, and on Cyber Security Certification.
Call for views on the European Commission’s proposed Regulation on ENISA, the “EU Cybersecurity Agency”, and on Cyber Security Certification.
The Government held a public consultation on its proposals to implement the Directive on the security of Network and Information Systems (NIS Directive).
Why linked: National Cyber Security Strategy 2016–2021 — predecessor strategic framework.
The National Cyber Security Strategy 2016 to 2021 sets out the government's plan to make Britain secure and resilient in cyberspace.
The Department for Digital, Culture, Media & Sport (DCMS) is running a survey to gather data on the UK's cyber security industry.
The Department for Digital, Culture, Media & Sport (DCMS) is running a survey to gather data on the UK's cyber security industry.
The Government held a public consultation on its proposals to implement the Directive on the security of Network and Information Systems (NIS Directive).
Why linked: POSTnote 554 on cyber security of UK infrastructure — independent parliamentary briefing.
Type: POSTnote (POST-PN-0554) The Government has identified ‘cyber’ as one of six Tier 1 threats to UK national security. This POSTnote focuses on the cyber security of the UK’s critical national infrastructure, describing measures to improve cyber security and challenges …
This review considered whether there is a need for additional regulation or incentives to boost cyber risk management in the wider economy.