Scoping the UK Cyber Security and Resilience Bill

RUSI’s Cyber and Tech research group, in partnership with Darktrace, convened a policy roundtable in London on 6 February 2025 to discuss the ongoing development of the Cyber Security and Resilience Bill (CSRB). Participants included representatives from technology vendors, cyber security services vendors, academia and critical national infrastructure providers. The expert discussion provided a platform for participants to reflect on the UK government’s Cyber Strategy, existing cyber security legislation, and how to design the CSRB so that it keeps pace with an evolving threat landscape.

This conference report summarises points made during the roundtable discussion, none of which are attributable. It begins by setting out the background to the CSRB and its expected measures, and developments on the CSRB since the roundtable took place. Following this, it outlines key discussions from the roundtable, before finally presenting main takeaways and recommendations for the UK government: providing practical steps to ensure the CSRB is effective, proportionate and future-proof.