I am not a legal export! Haha get used to saying that a lot if you work in cyber and are not in fact a legal expert! I wanted to put together a list of common laws that people should be aware of when doing business in the UK, it’s just a starter for 10 and there are likely others, but this should get people started for their security awareness and security policy documentation:

Read more: UK laws and cyber security considerations for business
  • Data Protection Act 2018
  • Freedom of Information Act
  • Communications Act
  • Computer Misuse Act 1990
  • Investigatory Power Act 2016 (IPA)
  • Theft Act 1990
  • Terrorism Act 2000
  • The General Data Protection Regulation (GDPR)
  • The Privacy and Electronic Communications Regulations 2003 (PECR)
  • The Regulation of Investigatory privacy Act 2000 (RIPA)
  • Official Secrets Act 1989 (OSA)
  • Companies Act 2006
  • Copyright and Design patents Act 198
  • Trademarks Act 1994
  • The Malicious Communication Act 1988
  • Forgery and Counterfeiting Act 1981
  • Police and Criminal Evidence Act 1984
  • Contracts (Rights of Third Parties) Act 1999
  • Fraud Act 2006
  • Network and Information Systems Regulations 2018 (NIS)
  • Telecommunications (Security) Act 2021
  • The Bribery Act 2010
  • Freedom of Information Act 2000
  • Defence of the Realm Act 1914

can you think of any others that I should add?

Thanks Gary and Kevin and the other AVIS I can’t name for inputting!