Representatives of the UK’s cyber security sector and the CyberUp Campaign have reacted to the worrying findings of the Government’s Cyber Security Breaches Survey, published today, with the report showing 50% of businesses and 32% of charities suffered a cyber breach or attack in the last year.

In an exciting update, an amendment to the Criminal Justice Bill has been tabled today on reform to the CMA and the introduction of ‘a statutory defence’.

As we come to the end of 2023, the CyberUp Campaign is reflecting on what has been a busy year for the Campaign.

The CyberUp Campaign launches its new cyber security industry survey report, which has found there is a widespread “chilling effect” on the UK’s cyber defenders.

The CyberUp Campaign reacts to today’s Autumn Statement.

The final push: all we need is 15 minutes of your time to help the UK government understand the impact of the Computer Misuse Act on the cyber security community.

As the CyberUp Campaign continues to call for urgent reform of the Computer Misuse Act in the UK, we have been looking towards international examples of recent updates to cyber crime legislation that should act as models for the UK to consider, because they better reflect the realities of the 21st century cyber defensive industry, and clearly acknowledge the importance of legal protections for the individuals that operate within it.

The CyberUp Campaign has welcomed the Government’s commitment to introducing a statutory defence as part of expected reform of the outdated Computer Misuse Act 1990 (CMA).

Today, the Government published its response to a review of the Computer Misuse Act 1990 (CMA) which concluded in spring 2021.

A new piece of work by the CyberUp Campaign released today establishes the current expert consensus of what should constitute legitimate cyber security activity under a reformed UK Computer Misuse Act.

The US Department of Justice (DoJ) recently produced guidance for prosecutors as to when to prosecute instances of potential breaches of the Computer Fraud and Abuse Act (CFAA).

Today, the Government released its legislative programme for the next parliamentary session via the Queen’s Speech in Parliament. Disappointingly for us as the CyberUp Campaign, it didn’t include any commitment to reform the Computer Misuse Act.

The former CEO of the UK National Cyber Security Centre (NCSC) yesterday warned that the UK’s Computer Misuse Act is hampering the nation’s ability to tackle evolving cyber threats, including from hostile states such as Russia.

The CyberUp Campaign has submitted written evidence to the Product Security and Telecommunications Infrastructure (PSTI) Bill Committee. .

The CyberUp Campaign has submitted to the Government’s call for information on embedding standards in the cyber security industry.

As we await the outcome of the Home Office review of the CMA, so many of the ambitions set out in the NCS would be furthered by a UK cyber crime law fit for the 21st century. In this short report we detail how a reformed CMA would help to deliver the UK Government’s aims, in support of its national goals.

The Government’s National Cyber Strategy (NCS) published today represents a missed opportunity to introduce a truly 21st century cyber crime law, following the Home Office review of the 31-year old Computer Misuse Act (CMA) earlier in the year.

Following the publication of CyberUp’s Defence Framework, the Trend Micro investigation offers a timely opportunity to apply the framework to a real world example – and see what conclusions we can draw.

The CyberUp Campaign is very grateful to work with Northern Ireland-based cyber security consultancy Vertical Structure on our efforts to reform the Computer Misuse Act. As part of their efforts to support the campaign, and to highlight the issues they face as a business, Simon Whittaker, CEO of Vertical Structure, and Anna Cartwright, an Associate at Turley Legal, Vertical Structure’s legal counsel, have taken part in a podcast discussion on the topic.

The Product Security and Telecommunications Infrastructure (PSTI) Bill will enable the Government to require manufacturers, importers and distributors to make sure their consumer connectable products (from smart TVs to smart phones) meet minimum cyber security requirements before they are placed on the UK market (including via online marketplaces), so as to minimise harm.