Information since 14 Oct 2025, 7:41 a.m.
| Calendar |
|---|
|
Tuesday 10th February 2026 9:25 a.m. Cyber Security and Resilience (Network and Information Systems) Bill - Debate Subject: Further to consider the Bill View calendar - Add to calendar |
|
Tuesday 10th February 2026 2 p.m. Cyber Security and Resilience (Network and Information Systems) Bill - Debate Subject: Further to consider the Bill View calendar - Add to calendar |
|
Thursday 5th February 2026 11:30 a.m. Cyber Security and Resilience (Network and Information Systems) Bill - Debate Subject: Further to consider the Bill View calendar - Add to calendar |
|
Thursday 5th February 2026 2 p.m. Cyber Security and Resilience (Network and Information Systems) Bill - Debate Subject: Further to consider the Bill View calendar - Add to calendar |
|
Tuesday 3rd February 2026 9:25 a.m. Cyber Security and Resilience (Network and Information Systems) Bill - Oral evidence Subject: To consider the Bill At 9:25am: Oral evidence Jen Ellis - Associate Fellow, Cyber and Tech at RUSI David Cook - Partner at DLA Piper At 10:00am: Oral evidence Dr Sanjana Mehta - Senior Director for Advocacy at ISC2 Stuart McKean - Chairman at Nine23 Jill Broom - Head of Cyber Resilience at techUK At 10:40am: Oral evidence Dr Ian Levy CMG OBE - VP of Security at Amazon Matt Houlihan - VP for Government Affairs in Europe at CISCO UK and Ireland Mr Ben Lyons - Senior Director of Policy and Public Affairs at Darktrace Chris Anley - Chief Scientist at NCC Group View calendar - Add to calendar |
|
Tuesday 3rd February 2026 2 p.m. Cyber Security and Resilience (Network and Information Systems) Bill - Oral evidence Subject: Further to consider the Bill At 2:00pm: Oral evidence Ian Hulme - Interim Executive Director of Regulatory Supervision and Director of Regulatory Assurance at Information Commissioner's Office (ICO) Natalie Black CBE - Group Director for Infrastructure and Connectivity at Ofcom Stuart Okin - Director of Cyber Regulation and AI at Ofgem At 2:40pm: Oral evidence Chung Ching Kwong - Senior Analyst at Inter-Parliamentary Alliance on China (UK) At 3:00pm: Oral evidence Professor John Child, Professor of Criminal Law, University of Birmingham At 3:20pm: Oral evidence Detective Chief Superintendent Andrew Gould - Lead, NPCC Cyber Crime programme at National Police Chiefs’ Council At 3:40pm: Oral evidence Richard Starnes - Chair at Information Security Panel for the Worshipful Company of Information Technologists At 4:00pm: Oral evidence Brian Miller - Head of IT Security and Compliance at NHS Greater Glasgow and Clyde Stewart Whyte - Data Protection Officer at NHS Greater Glasgow and Clyde At 4:20pm: Oral evidence Chris Parker MBE - Director, Government Strategy at Fortinet Carla Baker - Senior Director, Government Affairs UK&I at Palo Alto Networks At 4:50pm: Oral evidence Kanishka Narayan MP - Parliamentary Under-Secretary of State (Minister for AI and Online Safety) at Department for Science, Innovation and Technology View calendar - Add to calendar |
|
Monday 2nd February 2026 6 p.m. Cyber Security and Resilience (Network and Information Systems) Bill: Programming Sub Committee - Private Meeting View calendar - Add to calendar |
| Parliamentary Debates |
|---|
|
Cyber Security and Resilience (Network and Information Systems) Bill (Seventh sitting)
90 speeches (12,671 words) Committee stage: 7th sitting Tuesday 24th February 2026 - Public Bill Committees Department for Science, Innovation & Technology Mentions: 1: Ben Spencer (Con - Runnymede and Weybridge) that we expect of the essential and digital services in scope of the Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech |
|
Cyber Security and Resilience (Network and Information Systems) Bill (Fifth sitting)
82 speeches (16,677 words) Committee stage: 5th sitting Tuesday 10th February 2026 - Public Bill Committees Department for Science, Innovation & Technology |
|
Cyber Security and Resilience (Network and Information Systems) Bill (Sixth sitting)
109 speeches (18,127 words) Committee stage: 6th sitting Tuesday 10th February 2026 - Public Bill Committees Department for Science, Innovation & Technology |
|
Russian Influence on UK Politics and Democracy
68 speeches (20,630 words) Monday 9th February 2026 - Westminster Hall Cabinet Office Mentions: 1: Anneliese Dodds (LAB - Oxford East) somehow a one-off, but we know now—this was discussed in relation to the Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech 2: Lincoln Jopp (Con - Spelthorne) In preparation for this debate, I looked at the statement that the Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech |
|
Cyber Security and Resilience (Network and Information Systems) Bill (Fourth sitting)
73 speeches (11,172 words) Committee stage: 4th sitting Thursday 5th February 2026 - Public Bill Committees Department for Science, Innovation & Technology |
|
Cyber Security and Resilience (Network and Information Systems) Bill (Third sitting)
80 speeches (11,190 words) Committee stage: 3rd sitting Thursday 5th February 2026 - Public Bill Committees Department for Science, Innovation & Technology |
|
Cyber Security and Resilience (Network and Information Systems) Bill (Second sitting)
125 speeches (27,382 words) Committee stage: 2nd sitting Tuesday 3rd February 2026 - Public Bill Committees Department for Science, Innovation & Technology |
|
Cyber Security and Resilience (Network and Information Systems) Bill (First sitting)
62 speeches (17,167 words) Committee stage:Commitee Debate: 1st sitting Tuesday 3rd February 2026 - Public Bill Committees Department for Science, Innovation & Technology |
|
Science, Innovation and Technology
5 speeches (318 words) Thursday 29th January 2026 - Written Corrections Department for Digital, Culture, Media & Sport Mentions: 1: None Reading of the Cyber Security and Resilience (Network and Information Systems) Bill on 6 January 2026 - Link to Speech 2: Ian Murray (Lab - Edinburgh South) Bill.The following extract is from the Second Reading debate on the Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech |
|
Cyber Security and Resilience (Network and Information Systems) Bill
90 speeches (33,301 words) 2nd reading2nd Reading Commons Hansard Link Tuesday 6th January 2026 - Commons Chamber Department for Digital, Culture, Media & Sport Mentions: 1: Victoria Collins (LD - Harpenden and Berkhamsted) Deputy Speaker.It is a pleasure to finally address the long-awaited Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech 2: Amanda Martin (Lab - Portsmouth North) I welcome the Cyber Security and Resilience (Network and Information Systems) Bill because it reflects - Link to Speech 3: Ben Lake (PC - Ceredigion Preseli) pleased to say that I support the Government’s introduction of the Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech 4: Kanishka Narayan (Lab - Vale of Glamorgan) No. 52(1)(a)),That, for the purposes of any Act resulting from the Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech |
|
Business of the House
109 speeches (11,572 words) Thursday 11th December 2025 - Commons Chamber Leader of the House Mentions: 1: Alan Campbell (Lab - Tynemouth) Backbench Business Committee.Tuesday 6 January—Second Reading of the Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech |
|
Oral Answers to Questions
139 speeches (8,707 words) Thursday 4th December 2025 - Commons Chamber Cabinet Office Mentions: 1: Dan Jarvis (Lab - Barnsley North) The Government recently introduced the Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech |
|
Dawn Sturgess Inquiry
30 speeches (6,689 words) Thursday 4th December 2025 - Commons Chamber Cabinet Office Mentions: 1: Dan Jarvis (Lab - Barnsley North) He will know that the Government introduced the Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech |
|
China Espionage: Government Security Response
15 speeches (7,135 words) Tuesday 18th November 2025 - Lords Chamber Northern Ireland Office Mentions: 1: Baroness Anderson of Stoke-on-Trent (Lab - Life peer) Just last week, we introduced the Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech |
|
China Espionage: Government Security Response
59 speeches (10,328 words) Tuesday 18th November 2025 - Commons Chamber Cabinet Office Mentions: 1: Dan Jarvis (Lab - Barnsley North) Just last week, we introduced the Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech |
|
Business of the House
130 speeches (11,338 words) Thursday 13th November 2025 - Commons Chamber Leader of the House Mentions: 1: Alan Campbell (Lab - Tynemouth) The Cyber Security and Resilience (Network and Information Systems) Bill was introduced to Parliament - Link to Speech |
|
Cyber-security and Resilience
1 speech (920 words) Wednesday 12th November 2025 - Written Statements Department for Science, Innovation & Technology Mentions: 1: Kanishka Narayan (Lab - Vale of Glamorgan) and underpin economic growth.This is why today we will introduce the Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech |
| Written Answers |
|---|
|
Artificial Intelligence: Cybersecurity
Asked by: Lord Taylor of Warwick (Non-affiliated - Life peer) Tuesday 17th February 2026 Question to the Department for Science, Innovation & Technology: To ask His Majesty's Government what assessment they have made of the effectiveness of cybersecurity legislation for AI-associated cyber threats; and what steps they are taking to improve legislation to address those threats. Answered by Baroness Lloyd of Effra - Baroness in Waiting (HM Household) (Whip) A range of existing rules already apply to artificial intelligence (AI) systems, such as data protection, competition, equality legislation, and online safety. The Department for Science, Innovation and Technology (DSIT), in close collaboration with the National Cyber Security Centre (NCSC), has created a voluntary Software Security Code of Practice which enables software vendors to secure software at all stages of their lifecycle.
As a government, we have also committed through the AI Action Plan to work with regulators to boost their capabilities, and DSIT and NCSC have taken a leading role in the development of the world's first published global standard for AI cyber security in ETSI (EN 304 223), which sets minimum-security requirements to help secure AI models and systems.
The Cyber Security and Resilience (Network and Information Systems) Bill does not specifically bring large language models or AI companies into scope. However, where organisations in scope of the Bill use AI models and systems, that organisation will need to take appropriate and proportionate steps to manage the risks to these from hackers. This would include large language models which are used as part of the day-to-day software available to staff in a hospital.
The practices recommended to protect against AI-driven cyber threats are essentially the same as those recommended for protecting against “traditional” cyber threats, which are to get good cyber hygiene measures in place, such as using the government’s Cyber Essentials scheme, and managing digital risks by using the Cyber Governance Code of Practice. |
|
Energy: Cybersecurity
Asked by: Saqib Bhatti (Conservative - Meriden and Solihull East) Thursday 29th January 2026 Question to the Department for Science, Innovation & Technology: To ask the Secretary of State for Science, Innovation and Technology, what assessment she has made of the potential impact of the Cyber Security and Resilience (Network and Information Systems) Bill on the cyber resilience of energy infrastructure. Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology) The government's Cyber Security Breaches Survey shows that 43% of UK businesses reported experiencing a cyber breach or attack within the past year. Within the utilities sector this figure is 48%. The survey does not specifically detail cyber attacks on energy infrastructure. The National Cyber Security Centre (NCSC) has warned there is a significant and enduring cyber threat faced by the UK’s critical national infrastructure. As part of its routine operations the NCSC works closely with all areas of the UK’s critical national infrastructure to highlight the cyber threat landscape and associated mitigation activities. As noted in its Annual Review (2025) the NCSC has undertaken a wide range of activities to enhance protections for the UK’s energy infrastructure, including delivering technical advice and guidance on cyber security challenges, working directly with key suppliers on cyber security initiatives, and providing additional support to operators of renewable energy assets. The annual review also notes how NCSC has deepened its understanding of cyber maturity in critical national infrastructure, enabling more targeted interventions and strengthening the UK’s ability to identify and eliminate sophisticated threat actors. The Cyber Security and Resilience (Network and Information Systems) Bill updates the Network and Information Systems Regulations 2018, which includes essential services in the energy sector. The Bill will improve the cyber security of the energy sector and its infrastructure through better resourced regulators to respond to cyber threats, and a stronger mechanism for government to set priority outcomes for regulators to work to. The incident reporting framework will also be updated through the Bill, including for the energy sector. Under the existing reporting regime, too many significant incidents do not need to be reported, and this creates a gap in the government’s knowledge and ability to protect the UK from harm. A wider range of significant incidents, such as successful ransomware and pre-positioning will need to be reported under the Bill. A light touch, initial notification will also be required within 24 hours of an incident being discovered will enable quicker and more effective support to be provided to organisations. The Bill will keep pace with an increasingly digitalised and interconnected energy sector by bringing load controllers into scope of the NIS Regulations as a new essential service, where they meet the threshold, ensuring regulation is focused where the risk is greatest. |
|
Energy: Cybercrime
Asked by: Saqib Bhatti (Conservative - Meriden and Solihull East) Thursday 29th January 2026 Question to the Department for Science, Innovation & Technology: To ask the Secretary of State for Science, Innovation and Technology, what estimate her Department has made of the number of cyber attacks on energy infrastructure. Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology) The government's Cyber Security Breaches Survey shows that 43% of UK businesses reported experiencing a cyber breach or attack within the past year. Within the utilities sector this figure is 48%. The survey does not specifically detail cyber attacks on energy infrastructure. The National Cyber Security Centre (NCSC) has warned there is a significant and enduring cyber threat faced by the UK’s critical national infrastructure. As part of its routine operations the NCSC works closely with all areas of the UK’s critical national infrastructure to highlight the cyber threat landscape and associated mitigation activities. As noted in its Annual Review (2025) the NCSC has undertaken a wide range of activities to enhance protections for the UK’s energy infrastructure, including delivering technical advice and guidance on cyber security challenges, working directly with key suppliers on cyber security initiatives, and providing additional support to operators of renewable energy assets. The annual review also notes how NCSC has deepened its understanding of cyber maturity in critical national infrastructure, enabling more targeted interventions and strengthening the UK’s ability to identify and eliminate sophisticated threat actors. The Cyber Security and Resilience (Network and Information Systems) Bill updates the Network and Information Systems Regulations 2018, which includes essential services in the energy sector. The Bill will improve the cyber security of the energy sector and its infrastructure through better resourced regulators to respond to cyber threats, and a stronger mechanism for government to set priority outcomes for regulators to work to. The incident reporting framework will also be updated through the Bill, including for the energy sector. Under the existing reporting regime, too many significant incidents do not need to be reported, and this creates a gap in the government’s knowledge and ability to protect the UK from harm. A wider range of significant incidents, such as successful ransomware and pre-positioning will need to be reported under the Bill. A light touch, initial notification will also be required within 24 hours of an incident being discovered will enable quicker and more effective support to be provided to organisations. The Bill will keep pace with an increasingly digitalised and interconnected energy sector by bringing load controllers into scope of the NIS Regulations as a new essential service, where they meet the threshold, ensuring regulation is focused where the risk is greatest. |
|
Energy: Cybercrime
Asked by: Saqib Bhatti (Conservative - Meriden and Solihull East) Thursday 29th January 2026 Question to the Department for Science, Innovation & Technology: To ask the Secretary of State for Science, Innovation and Technology, what assessment her Department has made of the potential merits of creating a cyber incident database with compulsory fixes to be created for energy infrastructure. Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology) The government's Cyber Security Breaches Survey shows that 43% of UK businesses reported experiencing a cyber breach or attack within the past year. Within the utilities sector this figure is 48%. The survey does not specifically detail cyber attacks on energy infrastructure. The National Cyber Security Centre (NCSC) has warned there is a significant and enduring cyber threat faced by the UK’s critical national infrastructure. As part of its routine operations the NCSC works closely with all areas of the UK’s critical national infrastructure to highlight the cyber threat landscape and associated mitigation activities. As noted in its Annual Review (2025) the NCSC has undertaken a wide range of activities to enhance protections for the UK’s energy infrastructure, including delivering technical advice and guidance on cyber security challenges, working directly with key suppliers on cyber security initiatives, and providing additional support to operators of renewable energy assets. The annual review also notes how NCSC has deepened its understanding of cyber maturity in critical national infrastructure, enabling more targeted interventions and strengthening the UK’s ability to identify and eliminate sophisticated threat actors. The Cyber Security and Resilience (Network and Information Systems) Bill updates the Network and Information Systems Regulations 2018, which includes essential services in the energy sector. The Bill will improve the cyber security of the energy sector and its infrastructure through better resourced regulators to respond to cyber threats, and a stronger mechanism for government to set priority outcomes for regulators to work to. The incident reporting framework will also be updated through the Bill, including for the energy sector. Under the existing reporting regime, too many significant incidents do not need to be reported, and this creates a gap in the government’s knowledge and ability to protect the UK from harm. A wider range of significant incidents, such as successful ransomware and pre-positioning will need to be reported under the Bill. A light touch, initial notification will also be required within 24 hours of an incident being discovered will enable quicker and more effective support to be provided to organisations. The Bill will keep pace with an increasingly digitalised and interconnected energy sector by bringing load controllers into scope of the NIS Regulations as a new essential service, where they meet the threshold, ensuring regulation is focused where the risk is greatest. |
|
Energy: Cybercrime
Asked by: Saqib Bhatti (Conservative - Meriden and Solihull East) Thursday 29th January 2026 Question to the Department for Science, Innovation & Technology: To ask the Secretary of State for Science, Innovation and Technology, what assessment her Department has made of the risk of cyber attacks on energy infrastructure. Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology) The government's Cyber Security Breaches Survey shows that 43% of UK businesses reported experiencing a cyber breach or attack within the past year. Within the utilities sector this figure is 48%. The survey does not specifically detail cyber attacks on energy infrastructure. The National Cyber Security Centre (NCSC) has warned there is a significant and enduring cyber threat faced by the UK’s critical national infrastructure. As part of its routine operations the NCSC works closely with all areas of the UK’s critical national infrastructure to highlight the cyber threat landscape and associated mitigation activities. As noted in its Annual Review (2025) the NCSC has undertaken a wide range of activities to enhance protections for the UK’s energy infrastructure, including delivering technical advice and guidance on cyber security challenges, working directly with key suppliers on cyber security initiatives, and providing additional support to operators of renewable energy assets. The annual review also notes how NCSC has deepened its understanding of cyber maturity in critical national infrastructure, enabling more targeted interventions and strengthening the UK’s ability to identify and eliminate sophisticated threat actors. The Cyber Security and Resilience (Network and Information Systems) Bill updates the Network and Information Systems Regulations 2018, which includes essential services in the energy sector. The Bill will improve the cyber security of the energy sector and its infrastructure through better resourced regulators to respond to cyber threats, and a stronger mechanism for government to set priority outcomes for regulators to work to. The incident reporting framework will also be updated through the Bill, including for the energy sector. Under the existing reporting regime, too many significant incidents do not need to be reported, and this creates a gap in the government’s knowledge and ability to protect the UK from harm. A wider range of significant incidents, such as successful ransomware and pre-positioning will need to be reported under the Bill. A light touch, initial notification will also be required within 24 hours of an incident being discovered will enable quicker and more effective support to be provided to organisations. The Bill will keep pace with an increasingly digitalised and interconnected energy sector by bringing load controllers into scope of the NIS Regulations as a new essential service, where they meet the threshold, ensuring regulation is focused where the risk is greatest. |
|
Energy: Cybercrime
Asked by: David Reed (Conservative - Exmouth and Exeter East) Tuesday 23rd December 2025 Question to the Department for Energy Security & Net Zero: To ask the Secretary of State for Energy Security and Net Zero, whether his Department will require a cyber incident database with compulsory fixes to be created for attacks on the energy system. Answered by Michael Shanks - Minister of State (Department for Energy Security and Net Zero) The Department for Energy Security and Net Zero takes the security and resilience of UK energy infrastructure extremely seriously, including the cyber security of critical infrastructure. Maintaining a secure and reliable energy supply is a key priority. The Network and Information Systems (NIS) Regulations, impose strict incident-reporting obligations on critical energy operators.
The Government has recently introduced the Cyber Security and Resilience (Network and Information Systems) Bill. The Bill proposes expanding incident-reporting requirements, broadening the scope of reportable events, and enhancing the powers of regulators to oversee compliance and require remedial actions where necessary. |
|
Data Protection: EU Law
Asked by: Ben Spencer (Conservative - Runnymede and Weybridge) Tuesday 16th December 2025 Question to the Department for Science, Innovation & Technology: To ask the Secretary of State for Science, Innovation and Technology what assessment her Department has made of the potential impact of the Cyber Security and Resilience (Network and Information Systems) Bill on the EU’s data adequacy decisions in relation to the UK. Answered by Ian Murray - Minister of State (Department for Science, Innovation and Technology) The CSR Bill updates the UK’s cyber resilience framework set out in the NIS Regulations 2018 and does not impact the UK's key data protection legislation. It includes a range of measures that affect the Information Commission in its capacity as a NIS regulator, but not its capacity as the UK data protection authority. The European Commission’s draft decision from 24 June 2025 on UK adequacy concludes that the UK continues to provide an essentially equivalent level of data protection. The government does not consider there to be specific developments that pose substantive risks to the EU adequacy decisions being renewed by the EU’s deadline for adoption of 27 December 2025. DSIT consulted with the Information Commission during the development of the Bill in accordance with its obligations under Article 36(4) of the General Data Protection Regulation. |
|
Electronic Government: Outages
Asked by: Ben Spencer (Conservative - Runnymede and Weybridge) Monday 1st December 2025 Question to the Department for Science, Innovation & Technology: To ask the Secretary of State for Science, Innovation and Technology, pursuant to the Answer of 25 November 2025 to Question 92210 on Internet: Outages, what assessment she has made of the potential impact of the Cyber Security and Resilience (Network and Information Systems) Bill on disruption to government services during the Cloudflare outage. Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology) The Department for Science, Innovation and Technology (DSIT) recognises the importance of robust protections for the services essential to our society and economy. That is why we introduced the Cyber Security and Resilience Bill (CSRB) on 12 November - by enhancing protections for the most important digital services, Government services that rely on them will also benefit. As the digital centre of government, DSIT also recognises that a step change in cyber and digital resilience is required across the government sector. However, we do not need to wait for legislation to take action. We are acting in parallel with the approach of the CSRB through our mandate to set robust cyber security standards across government organisations. Government services have been subject to the National Cyber Security Centre’s Cyber Assessment Framework since 2022, which promotes resilience against both cyber attacks and the types of system failure that we saw with the Cloudflare outage. Despite this progress, we are not complacent. DSIT will publish the Government Cyber Action Plan, which will lay out a detailed programme of work with clear expectations, targets, and milestones to enhance Government's cyber and digital resilience. |
|
Cybersecurity
Asked by: Ben Spencer (Conservative - Runnymede and Weybridge) Thursday 27th November 2025 Question to the Department for Science, Innovation & Technology: To ask the Secretary of State for Science, Innovation and Technology, what assessment she has made of the adequacy of the capacity of (a) sectoral regulators and (b) the NCSC to process and respond to cyber incident reports as a result of the expanded reporting requirements in the Cyber Security and Resilience (Network and Information Systems) Bill. Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology) Officials have worked closely with regulators and the NCSC in developing the Cyber Security and Resilience Bill and will continue to do so throughout its parliamentary passage and implementation planning.
The NCSC already leads the UK’s response to cyber incidents by triaging reports, supporting affected organisations and coordinating government action during major incidents. In the year preceding, September 2025, NCSC received 1,727 incident tips, 429 of which required direct support. The Bill will expand the type of incidents reported to regulators and the NCSC, strengthening understanding of the threat landscape and improving national cyber-defences.
The Bill will also bolster regulator resources by reforming cost recovery. Currently, regulators are constrained – for example, they cannot recover the cost of enforcement. The Bill will enable regulators to fully recover their costs and utilise flexible, sector-appropriate charging mechanisms, ensuring they are properly equipped to meet their duties. |
| Parliamentary Research |
|---|
|
Cyber Security and Resilience (Network and Information Systems) Bill 2024-26 - CBP-10442
Dec. 17 2025 Found: Cyber Security and Resilience (Network and Information Systems) Bill 2024-26 |
|
The impact of foreign interference on security, trade and democracy - CBP-10418
Dec. 05 2025 Found: at their direction without it being registered • introducing the Cyber Security and Resilience (Network and Information Systems) Bill |
| Scottish Government Publications |
|---|
|
Friday 23rd January 2026
Digital Directorate Source Page: National Cyber Resilience Advisory Board (NCRAB) minutes: September 2025 Document: National Cyber Resilience Advisory Board (NCRAB) minutes: September 2025 (webpage) Found: CB updated Members with information on the proposed Cyber Security and Resilience (Network and Information Systems) Bill |
| Scottish Parliamentary Debates |
|---|
|
Parliamentary Bureau Motions
2 speeches (1,226 words) Wednesday 14th January 2026 - Main Chamber Mentions: 1: Johnstone, Alison (NPA - Lothian) committee in consideration of the legislative consent memorandum on the Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech |
|
Decision Time
4 speeches (2,303 words) Wednesday 14th January 2026 - Main Chamber Mentions: 1: Johnstone, Alison (NPA - Lothian) committee in consideration of the legislative consent memorandum on the Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech |
|
Cybercrime
36 speeches (98,540 words) Wednesday 17th December 2025 - Main Chamber Mentions: 1: Nicoll, Audrey (SNP - Aberdeen South and North Kincardine) should seek to address that loophole.I note that the UK Government’s Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech 2: Constance, Angela (SNP - Almond Valley) on that matter.Alongside that, the UK Government has introduced the Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech 3: Clark, Katy (Lab - West Scotland) encourage ministers to engage with the UK Government and Ofcom on how the Cyber Security and Resilience (Network and Information Systems) Bill - Link to Speech |
| Scottish Calendar |
|---|
|
Wednesday 4th March 2026 9 a.m. 7th Meeting, 2026 (Session 6) The committee will meet at 9:00am at T1.60-CR4 The Clerk Maxwell Room and will be broadcast on www.scottishparliament.tv. 1. Decision on taking business in private: The Committee will decide whether to take items 3 and 4 in private. 2. Cyber Security and Resilience (Network and Information Systems) Bill (UK Parliament legislation): The Committee will take evidence on legislative consent memorandum LCM-S6-70 from— Angela Constance, Cabinet Secretary for Justice and Home Affairs and Paul Chapman, Head of Public Sector Cyber Resilience, Scottish Government. 3. Cyber Security and Resilience (Network and Information Systems) Bill (UK Parliament legislation): The Committee will consider the evidence heard under agenda item 2. 4. Legacy paper: The Committee will consider a draft report reflecting on its work during the current session and suggesting priorities for Session 7. 5. Work programme: (In Private) The Committee will consider its work programme. For further information, contact the Clerk to the Committee, Anne Peat on 85182 or at [email protected] View calendar - Add to calendar |
|
Wednesday 4th February 2026 9:30 a.m. 5th Meeting, 2026 (Session 6) The committee will meet at 9:30am at T1.60-CR4 The Clerk Maxwell Room and will be broadcast on www.scottishparliament.tv. 1. Decision on taking business in private: The Committee will decide whether to take items 4 and 5 in private. 2. Subordinate legislation: The Committee will take evidence on the Public Procurement (India Trade Agreement) (Miscellaneous Amendment) (Scotland) Regulations 2026 [draft] from— Ivan McKee, Minister for Public Finance and Emma Lopinska, Procurement Policy Manager, Scottish Government. 3. Subordinate legislation: The Minister for Public Finance to move—S6M-20367—That the Economy and Fair Work Committee recommends that the Public Procurement (India Trade Agreement) (Miscellaneous Amendment) (Scotland) Regulations 2026 [draft] be approved. 4. Cyber Security and Resilience (Network and Information Systems) Bill (UK Parliament legislation): The Committee will consider the legislative consent memorandum lodged by the Cabinet Secretary for Justice and Home Affairs (LCM-S6-70). 5. City Region and Regional Growth Deals: The Committee will consider the Scottish Government's response to the City and Regional Growth Deals report. 6. Work programme: (In Private) The Committee will consider its work programme. For further information, contact the Clerk to the Committee, Anne Peat on 85182 or at [email protected] View calendar - Add to calendar |
|
Wednesday 14th January 2026 Parliamentary Bureau Motions - Main Chamber Graeme Dey (S6M-20425) That the Parliament agrees that the Companies Act 2006 (Scottish public sector companies to be audited by the Auditor General for Scotland) Order 2026 [draft] be approved. Further details available for S6M-20425 Graeme Dey (S6M-20426) That the Parliament agrees that the Education (Scotland) Act 2025 (Consequential Provisions) Regulations 2026 [draft] be approved. Further details available for S6M-20426 Graeme Dey (S6M-20427) That the Parliament agrees that the Official Statistics (Scotland) Amendment Order 2026 [draft] be approved. Further details available for S6M-20427 Graeme Dey (S6M-20428) That the Parliament agrees that the Cross-border Placement of Children (Requirements, Effect and Enforcement) (Scotland) Regulations 2026 [draft] be approved. Further details available for S6M-20428 Graeme Dey (S6M-20429) That the Parliament agrees that the Economy and Fair Work Committee be designated as the lead committee in consideration of the legislative consent memorandum on the Cyber Security and Resilience (Network and Information Systems) Bill. Further details available for S6M-20429 Watch on Scottish Parliament TV View calendar - Add to calendar |
| Welsh Government Publications |
|---|
|
Tuesday 3rd February 2026
Source Page: Green Paper: Shaping the Future of Water Governance in Wales Document: Consultation document (PDF) Found: the law since the Commission’s Report was published (such as the Cyber Security and Resilience (Network and Information Systems) Bill |
| Welsh Calendar |
|---|
|
Thursday 29th January 2026 9:30 a.m. Meeting of Hybrid, Climate Change, Environment, and Infrastructure Committee, 29/01/2026 09.30 - 13.00 Private pre-meeting Public meeting (09.30) 1. Introductions, apologies, substitutions, and declarations of interest (09.30-10.30) 2. UK Government rail policy and rail reform - evidence session with Professor Mark Barry Break (10.45-12.15) 3. Annual scrutiny of Transport for Wales (12.15) 4. Papers to note 4.1 Renewable energy generation in Wales 4.2 Inter-institutional Relations Agreement 4.3 Inter-ministerial Group on UK-EU Relations 4.4 Holyhead Port Storm Damage and Closure (12.15) 5. Motion under Standing Order 17.42 (vi) and (ix) to resolve to exclude the public from the remainder of this meeting Private meeting 6. Consideration of evidence received under items 2 and 3 7. Consideration of draft report on the Legislative Consent Memorandum on the Cyber Security and Resilience (Network and Information Systems) Bill View calendar - Add to calendar |
|
Monday 26th January 2026 1:30 p.m. Meeting of Remote, Legislation, Justice and Constitution Committee, 26/01/2026 13.30 - 15.15 Public meeting (13.30) 1. Introduction, apologies, substitutions and declarations of interest (13.30 – 13.35) 2. Instruments that raise no reporting issues under Standing Order 21.2 or 21.3 2.1 SL(6)713 - The Non-Domestic Rating (Demand Notices) (Wales) (Amendment) Regulations 2026 2.2 SL(6)716 - The Food Supplements (Magnesium L-threonate monohydrate) (Wales) Regulations 2026 (13.35 – 13.40) 3. Instruments that raise issues to be reported to the Senedd under Standing Order 21.2 or 21.3 3.1 SL(6)706 - The Healthy Eating in Schools (Nutritional Standards and Requirements) (Maintained Primary Schools) (Wales) Regulations 2025 3.2 SL(6)707 - The Building (Higher-Risk Buildings Procedures) (Wales) Regulations 2025 3.3 SL(6)708 - The Building etc. (Amendment) (No. 2) (Wales) Regulations 2025 3.4 SL(6)715 - The Regulated Services (Registration) (Wales) (Amendment) Regulations 2026 3.5 SL(6)704 - The Greenhouse Gas Emissions Trading Scheme (Amendment) Order 2026 3.6 SL(6)714 - The Annual Returns (Miscellaneous Amendments) (Wales) Regulations 2026 3.7 SL(6)719 - The Recognition of Professional Qualifications and Implementation of International Recognition Agreements (Regulation and Inspection of Social Care) (Miscellaneous Amendments) (Wales) Regulations 2026 (13.40 – 13.45) 4. Instruments that raise issues to be reported to the Senedd under Standing Order 21.7 4.1 SL(6)711 - The Building Safety Act 2022 (Commencement No. 6) (Wales) Regulations 2025 4.2 SL(6)712 - The Building Act 1984 (Commencement No. 1) (Wales) Order 2025 (13.45 – 13.50) 5. Instruments that raise issues to be reported to the Senedd under Standing Order 21.2 or 21.3 - previously considered 5.1 SL(6)703 - The Tax Collection and Management (Visitor Levy Costs) (Wales) Regulations 2026 5.2 SL(6)694 - The Procurement Act 2023 (Threshold Amounts) (Amendment) (Wales) Regulations 2025 (13.50 – 13.55) 6. Instruments that raise issues to be reported to the Senedd under Standing Order 21.7 - previously considered 6.1 SL(6)698 - The Individual Candidate Election Expenses (Senedd Elections) Code of Practice 2025 6.2 SL(6)699 - The Political Parties Campaign Expenditure (Senedd Elections) Code of Practice 2025 6.3 SL(6)700 - The Non-Party Campaigner Campaign Expenditure (Senedd Elections) Code of Practice 2025 (13.55 – 14.00) 7. Inter-Institutional Relations Agreement 7.1 Correspondence from the Welsh Government: Meetings of inter-ministerial groups 7.2 Written Statement by the Cabinet Secretary for Finance and Welsh Language: The Procurement Act 2023 (Specified International Agreements and Saving Provision) (Amendment) Regulations 2026 7.3 Correspondence from the Cabinet Secretary for Economy, Energy and Planning: The Provision of Services (Amendment and Transitional Provision) Regulations 2026 7.4 Correspondence from the Deputy First Minister and Cabinet Secretary for Climate Change and Rural Affairs: The Sea Fisheries (Amendment) Regulations 2026 (14.00 – 14.05) 8. Papers to note 8.1 Correspondence from the Counsel General and Minister for Delivery: Subordinate legislation 8.2 Written Statement by the Deputy First Minister and Cabinet Secretary for Climate Change and Rural Affairs: Consultation on Proposed Changes to Local Authority Fees and Charges Schemes under the Environmental Permitting (England and Wales) Regulations 2016 8.3 Correspondence from the Standards of Conduct Committee to the Member Accountability Bill Committee: The Senedd Cymru (Member Accountability and Elections) Bill 8.4 Correspondence from the Short Term Accommodation Association to the Cabinet Secretary for Finance and Welsh Language: Development of Tourism and Regulation of Visitor Accommodation Bill (14.05) 9. Motion under Standing Order 17.42(vi) and (ix) to resolve to exclude the public from the remainder of today's meeting Private meeting (14.05 – 14.10) 10. Planning (Wales) Bill and Planning (Consequential Provisions) (Wales) Bill: Consideration of Detailed Committee Consideration report (14.10 – 14.20) 11. Secondary legislation previously considered (14.20 – 14.30) 12. Legislative Consent Memorandum on the Cyber Security and Resilience (Network and Information Systems) Bill (14.30 – 14.35) 13. Legislative Consent Memorandum on the Finance (No. 2) Bill: Draft report (14.35 – 14.45) 14. Supplementary Legislative Consent Memorandum (Memorandum No. 4) on the Children's Wellbeing and Schools Bill (14.45 – 14.55) 15. Monitoring report (14.55 – 15.05) 16. United Kingdom Internal Market Act 2020 (15.05 – 15.15) 17. Supplementary Legislative Consent Memorandum (Memorandum No. 3) on the Terminally Ill Adults (End of Life) Bill View calendar - Add to calendar |
|
Wednesday 21st January 2026 9:30 a.m. Meeting of Hybrid, Climate Change, Environment, and Infrastructure Committee, 21/01/2026 09.30 - 11.30 Private pre-meeting Public meeting (09.30) 1. Introductions, apologies, substitutions, and declarations of interest (09.30-11.00) 2. Annual scrutiny of the National Infrastructure Commission for Wales (11.00) 3. Papers to note 3.1 The UK Emissions Trading Scheme 3.2 Inter-institutional relations agreement (11.00) 4. Motion under Standing Order 17.42 (vi) and (ix) to resolve to exclude the public from the remainder of this meeting Private meeting 5. Consideration of evidence received under item 2 6. Consideration of the Legislative Consent Memorandum on the Cyber Security and Resilience (Network and Information Systems) Bill View calendar - Add to calendar |
|
Wednesday 14th January 2026 9:30 a.m. Meeting of Hybrid, Climate Change, Environment, and Infrastructure Committee, 14/01/2026 09.30 - 12.30 This is a draft agenda and the following meeting details are subject to change. The final agenda and papers will be published at least 2 working days before the meeting. Private pre-meeting Public meeting (09.30) 1. Introductions, apologies, substitutions, and declarations of interest (09.30-11.00) 2. Annual scrutiny of Natural Resources Wales (11.00) 3. Papers to note (11.00) 4. Motion under Standing Order 17.42 (vi) and (ix) to resolve to exclude the public from the remainder of this meeting Private meeting 5. Consideration of evidence received under item 2 6. Consideration of draft report on the Supplementary Legislative Consent Memorandum (Memorandum No. 2) for the Sustainable Aviation Fuel Bill 7. Consideration of the Legislative Consent Memorandum on the Cyber Security and Resilience (Network and Information Systems) Bill View calendar - Add to calendar |