I am not a legal export! Haha get used to saying that a lot if you work in cyber and are not in fact a legal expert! I wanted to put together a list of common laws that people should be aware of when doing business in the UK, it’s just a starter for 10 and there are likely others, but this should get people started for their security awareness and security policy documentation:

Read more: UK laws and cyber security considerations for business

• Data Protection Act 2018
• Freedom of Information Act
• Communications Act
• Computer Misuse Act 1990
• Investigatory Power Act 2016 (IPA)
• Theft Act 1990
• Terrorism Act 2000
• The General Data Protection Regulation (GDPR)
• The Privacy and Electronic Communications Regulations 2003 (PECR)
• The Regulation of Investigatory privacy Act 2000 (RIPA)
• Official Secrets Act 1989 (OSA)
• Companies Act 2006
• Copyright and Design patents Act 198
• Trademarks Act 1994
• The Malicious Communication Act 1988
• Forgery and Counterfeiting Act 1981
• Police and Criminal Evidence Act 1984
• Contracts (Rights of Third Parties) Act 1999
• Fraud Act 2006
• Network and Information Systems Regulations 2018 (NIS)
• Telecommunications (Security) Act 2021
• The Bribery Act 2010
• Freedom of Information Act 2000
• Defence of the Realm Act 1914

can you think of any others that I should add?

Thanks Gary and Kevin and the other AVIS I can’t name for inputting!