UK Parliament · Public Bill · No. 4035

Cyber Security and Resilience (Network and Information Systems) Bill

[As Introduced]

BILL

This bill updates UK cyber security law by replacing the outdated Network and Information Systems Regulations 2018 with new, stricter requirements for organisations that provide essential services and digital infrastructure. It requires critical sectors, such as energy, water, healthcare, and financial services, to implement stronger security measures, report cyber incidents faster, and comply with regular security audits. The bill also expands protections to cover more businesses in the digital sector and gives regulators stronger enforcement powers to penalise noncompliance, aiming to reduce vulnerability to cyber attacks that could harm public safety and national security.

See full bill →

Presented by Liz Kendall.

PublicLords

Official Ballot · The People's Chamber

How would you vote on this bill?

Mark one box with a cross.

You will be asked to sign in before your vote is counted.

The people's count533 votes

95% Aye · 5045% No · 29

MPs' vote408 MPs

40% Ayes · 16260% Noes · 246

The democratic gap

55% , a wide gap

Outcome mismatch, the public would pass this bill, but Parliament rejected it.

Bill passage

Commons

1st reading12 Nov 2025
2nd reading6 Jan 2026
Committee stage3 Feb 2026
Report stage