CSRBScore™
UK Cyber Security & Resilience Bill
Readiness Assessment

Evaluate your organisation's readiness against the UK's Cyber Security and Resilience Bill — the most significant overhaul of UK cybersecurity law since 2018. Covers NIS Regulations, supply chain security, incident reporting, and governance obligations.

CS&R Bill 2025 NIS Regs 2018 NCSC CAF v4.0 NIS2-Aligned UK-CNI

Who is in scope? The CS&R Bill expands the UK NIS Regulations to cover: Operators of Essential Services (OES) in energy, transport, water, health & digital infrastructure · Managed Service Providers (MSPs) — ~900–1,100 providers regulated by ICO · Data Centre Operators above 1MW IT load · Critical Suppliers designated by competent authorities · Digital Service Providers (DSPs). If your organisation supports any of these, you are likely in-scope or will be subject to downstream obligations. Royal Assent expected 2026; phased commencement via secondary legislation.

Your Organisation Type

Your Role

0 of 13 answered 0 / 104 pts

⚠ Please answer all questions before generating your report