Legislation ‘to improve the country’s defences against cyber-security threats’, a Cyber Security and Resilience Bill, were among the proposals in the King’s Speech in the House of Lords on May 13. King Charles III formally set out the next round of laws that the Labour Government looks to bring in.
A Digital Access to Services Bill was also aired among about 35 bills and draft bills, whereby ‘Digital ID’ ‘will modernise how citizens interact with public services’. A National Security Bill will in the King’s words ‘respond to the horrific attack in Southport with measures to protect the British people from extreme violence, and honour the victims, the injured and their families’. A Ticket Tout Ban Bill will be published in draft for pre-legislative scrutiny. And a Sporting Events Bill, ahead of the Euro 2028 European Football Championships, will include a UK-wide offence for the resale of tickets for major sporting events. On the brand protection side, that Bill would introduce a UK-wide prohibition on unauthorised association with a sporting event and measures to restrict advertising and trading around event locations.
Police Reform
A Police Reform Bill promises the biggest reform to policing in decades. As laid out by the Government earlier this year and featured in the March 2026 edition of Professional Security Magazine, a National Police Service will be set up to go after the most serious crimes; and Police and Crime Commissioners (PCCs) will be abolished. A new legal framework will underpin law enforcement use of facial recognition.
State threats
A Tackling State Threats Bill is described as providing a new tool to disrupt and deter the activities of state-linked entities, seeking to make the UK a ‘tougher operating environment’ for foreign intelligence services and their proxies. An Armed Forces Bill will expand the pool of Reserves by changing the maximum length and age limit at which some personnel can be recalled. Nearly all those who leave the armed forces will be subject to recall ‘in extremis’.
National Security Bill
As for a National Security Bill, that will complement the Tackling State Threats Bill, the Government points to Islamist and extreme right-wing terrorism, besides new risks of violence-fixated individuals and cyber attacks on an unprecedented scale. That Bill will create new offences to criminalise the creation and sharing of the most harmful violent material to stop the spread of content, such as on ‘gore sites’, that glorifies, trivialises, or normalises serious violence; and criminalise the planning of a mass casualty attack without an ideological motive such as the Southport attack of summer 2024 – not covered, the Government says, by existing conspiracy, attempt, or terrorism offences.
Prime Minister Sir Keir Starmer said: “Britain stands at a pivotal moment: to press ahead with a plan to build a stronger, fairer country or turn back to the chaos and instability of the past.”
For the King’s Speech in full visit https://www.gov.uk/government/speeches/the-kings-speech-2026.
Comments
Graeme Stewart, Head of Public Sector at the software firm Check Point, said: “Ramping up AI security legislation is an absolute must, especially when the technology can so easily by hijacked by hostile foreign powers and cyber criminals to attack our banks, hospitals and public services. Likewise the Resilience Bill will at last enshrine contingency planning into law, forcing key areas of UK PLC to have a clear plan of action in place when the next successful cyber attack inevitably takes place.”
William Wright, CEO of Closed Door Security, saw the update for the cyber security industry, from the ‘aged’ Computer Misuse Act as is potentially a positive step forward. He said: “The legislation was introduced in 1990, and its last major reform occurred in 2015, however, throughout these 36 years the digital landscape has changed dramatically, but the Act has not evolved in unison.
“One of the biggest challenges with the current legislation is the lack of clear protections for security researchers and ethical hackers. Offensive security testing is now a critical part of cyber defence, yet researchers who identify vulnerabilities in systems can still find themselves operating in a legal grey area, even when their intention is to help organisations improve security.
“While we don’t know the exact updates the government plans to make, hopefully there will be revisions to provide more protections for security researchers who are working to expose vulnerabilities in systems for the greater good.
“Without these protections, researchers could be reluctant to report vulnerabilities in systems due to fears of legal repercussions, which ultimately benefits cyber criminals far more than defenders. Secondly, more information was released around the forthcoming Cyber Security and Resilience Bill, which is set to be formally introduced into legislation in 2028.
“The speech provided more details on the organisations that are set to be covered by the Bill and also highlighted that these organisations will face turnover-based fines for cyber breaches to ensure they do not cut any corners with their cyber defences. These financial penalties will undoubtedly drive the adoption of improved security controls, which couldn’t come at a more critical time.
“With advances in AI platforms like Mythos making it easier for criminals to identify exploitable vulnerabilities in networks at speed, organisations must prioritise their defences, ensuring systems are continually tested and assessed, so weaknesses can be identified and patched ahead of attackers finding them.”
