Regulatory Outlook

Cyber Security | UK Regulatory Outlook June 2024

Published on 26th Jun 2024

UK general election 2024: cyber security aspects | ESAs enter into multilateral memorandum of understanding with ENISA | Council of the EU approves conclusions for more cyber secure and resilient Union

H_2011101743FWI_Regulatory Outlook 2021_JAN 21_ICONS_Data Protection and Cyber Security_landscape

UK general election 2024: cyber security aspects

To ensure the UK is fully prepared to deal with hybrid warfare including cyber attacks and misinformation campaigns, the Labour Party has committed to undertaking a Strategic Defence Review within its first year in government and aims to spending 2.5% of GDP on defence.

Meanwhile, the Conservative Party has pledged to deliver a National Defence and Resilience Plan to improve the country's preparedness for risks on the National Risk Register, which outlines the most serious risks facing the country. As previously reported, cyber is one of the nine risk themes within the report, with cyber attacks on critical national infrastructure (including electricity, gas and telecommunications systems) cited as key risks in the register.

ESAs enter into multilateral memorandum of understanding with ENISA

On 5 June 2024, the European Supervisory Authorities (European Banking Authority, European Insurance and Occupational Pensions Authority and European Securities and Markets Authority – the ESAs) announced that they have signed a multilateral memorandum of understanding (MoU) to reinforce collaboration with the European Union Agency for Cybersecurity (ENISA) on safeguarding the financial sector from cybersecurity threats.

The MoU formalises ongoing discussions between the ESAs and ENISA as a result of the implementation and harmonisation of the NIS 2 Directive and the Digital Operational Resilience Act (DORA) and sets out a framework for cooperation and information exchange on, amongst other things, the reporting of major IT-incidents, the development of draft technical standards, and oversight of critical IT third-party providers. See the memorandum.

Read our Insight for more on NIS 2 or connect with one our experts on achieving compliance with the new requirements under DORA.

Council of the EU approves conclusions for more cyber secure and resilient Union

During the Telecommunications Council on 21 May 2024, EU ministers adopted conclusions on the future of cybersecurity with the aim of improving the cyber resilience of the EU. The following were identified as focus areas for policy making:

  • Strengthening existing cybersecurity cooperation structures and entities, including between the NIS Cooperation Group, ENISA, to ensure consistency of cybersecurity in sectorial legislation.
  • Encouraging Member States and EU entities to engage with third party countries and actors to increase international cooperation against cybercrime, including the work of the Counter Ransomware Initiative (CRI) and the EU's commitment to the CRI's Joint Statement on Ransomware Payments.
  • The Council invites the EU Commission to present a revised cybersecurity strategy to guide EU action on emerging technologies such as artificial intelligence.

Extended consultation deadline for two new codes of practice for cybersecurity and AI

Following the general election announcement, the deadline for the consultations on the two codes of practice announced in May 2024 on improving AI cybersecurity and the resilience and security of software, have been extended from 10 July to 9 August 2024.

Although departments may continue to receive and analyse consultation responses during the election period, as the codes form part of the government's National Cyber Strategy, final implementation of the codes may be affected by the general election as the proposals will need to be put to the incoming government. 


View the full Regulatory Outlook

Interested in hearing more? Expand to read the other articles in our Regulatory Outlook series

View the full Regulatory Outlook

Regulatory law affects all businesses.

Osborne Clarke’s updated Regulatory Outlook provides you with high level summaries of important forthcoming regulatory developments to help in-house lawyers, compliance professionals and directors navigate the fast-moving business compliance landscape in the UK.

Receive Regulatory Outlook each month

A round-up of forthcoming regulatory developments – straight to your inbox

* This article is current as of the date of its publication and does not necessarily reflect the present state of the law or relevant regulation.

Interested in hearing more from Osborne Clarke?