Black Hat USA 2025 | Smart Charging, Smarter Hackers: The Unseen Risks of ISO 15118
Black Hat Black Hat https://www.youtube.com/channel/UCJ6q9Ie29ajGqKApbLqfBOg CySecBot CySecBot
Day: March 26, 2026
Swiss Islamic Scholar Jailed For 18 Years For Raping Three Women
Swiss Islamic scholar Tariq Ramadan was sentenced on Wednesday to 18 years in prison by a Paris criminal court for the rape of three women.
Islamic community calls out ‘anti-Muslim hate’ after suspicious fire at site of new Victorian mosque
Former Kilmore church being converted into mosque set alight Tuesday amid spate of Islamophobic incidentsFollow our Australia news live blog for latest updatesGet our breaking news email, free app or daily news podcastIslamic communities have called ou…
What the UK Cyber Security & Resilience Bill Means for Security Practitioners
The UK Cyber Security & Resilience Bill is progressing through Parliament Royal Assent expected later in 2026.
The UK’s Cyber Security and Resilience Bill is working its way through Parliament, and if you haven’t started paying serious attention yet, now is the time. Introduced to the House of Commons in November 2025, the Bill represents the most significant overhaul of UK cyber regulation since the NIS Regulations in 2018, and its implications for security practitioners are immediate and practical.
What’s Actually Changing
At its core, the Bill expands the existing Network and Information Systems regulatory framework. It brings more organisations into scope, imposes stricter incident notification requirements, and hands regulators substantially more enforcement power. Secondary legislation and statutory Codes of Practice will follow, but the primary architecture of what you’ll be working within is already taking shape.
One of the most significant shifts for practitioners working in or alongside managed services is the creation of a new regulated entity category: the Relevant Managed Service Provider (RMSP). For the first time, MSPs providing services to in-scope sectors face direct regulatory obligations. If your organisation is an MSP, or relies heavily on one, your compliance exposure has materially changed.
⚠ Key Point – Incident Reporting Timelines
The Bill introduces two-stage incident reporting: an initial notification within 24 hours and a full report within 72 hours, with copies sent to the NCSC. Your detection, triage, and escalation workflows need to meet these timelines under real pressure, not just on paper.
Penalties That Command Attention
The financial exposure for non-compliance is substantial and should feature prominently in any board-level conversation about investment in cyber controls.
Maximum Penalty Structure
- Standard maximum penalty – £10m or 2% of global turnover
- Higher maximum (serious breaches) – £17m or 4% of worldwide turnover
- Continuing contraventions (daily) – Up to £100,000 per day
- Extended ceiling (exceptional cases) – Up to 10% of worldwide turnover
These are not hypothetical. Regulators will also gain cost recovery powers, able to levy periodic fees to fund their oversight activities. Expect more active enforcement, not passive monitoring.
UK vs NIS2: Don’t Assume Alignment
If your organisation already operates under the EU’s NIS2 framework, a critical warning: the UK Bill and NIS2 share objectives but diverge in material ways. Reporting thresholds differ, customer notification requirements differ, and the sectors in scope are structured differently. A NIS2-aligned incident response playbook will not automatically satisfy UK obligations.
Practitioners managing cross-border environments will need jurisdiction-specific runbooks. A single process attempting to satisfy both simultaneously risks failing both under pressure.
Supply Chain Risk Is Now Statutory
The Bill introduces the concept of designated “critical suppliers” organisations whose compromise could cause major disruption to the economy or wider society, even if they are not themselves regulated entities. These suppliers will receive formal written notice and will have the right to make representations or appeal.
Secondary legislation will likely impose specific supply chain security obligations on regulated entities potentially including contractual requirements, security assessments, and continuity planning mandates. The era of passing a questionnaire and considering supply chain risk managed is ending.
🔗 Supply Chain Reality Check
Without consolidated visibility across cloud platforms, SaaS providers, and outsourced partners, your compliance posture is built on assumptions, not evidence. The Bill will expose that gap when regulators come calling.
What Practitioners Should Do Now
The Bill has passed its Report Stage in the Commons and is heading to the House of Lords. Royal Assent is expected later in 2026. Waiting for the final text before acting is not a defensible position.
The Bill has passed its Report Stage in the Commons and is heading to the House of Lords. Royal Assent is expected later in 2026. Waiting for the final text before acting is not a defensible position.
- Determine whether your organisation or key MSPs fall into newly in-scope categories, including data centres with Rated IT Load above 1 MW
- Review incident detection and escalation workflows against the 24-hour initial notification requirement
- Map divergence between your current NIS/NIS2 compliance posture and what the UK Bill will require
- Audit your supplier assurance programme, move beyond annual questionnaires towards continuous oversight
- Engage legal, compliance, and operational teams together; this cannot be owned by security alone
- Monitor the Bill’s progress and watch for secondary legislation, which will contain the operational detail
The regulatory environment for UK cyber security is shifting substantially. The organisations best placed when the Bill receives Royal Assent will be those treating this as a live operational project, not a future compliance task.
Track the Bill’s progress via the UK Parliament Bills tracker and the House of Commons Library briefing.
Migrants march in southern Mexico to denounce immigration restrictions
The march comes as a court in the US suggests there may be a secret deportation agreement between the US and Mexico.
How to Slander a Humanitarian Mission – Home ❧ Current Affairs
How to Slander a Humanitarian Mission Home ❧ Current AffairsFlotilla arrives in Havana with 33 tons of aid amid US oil blockade YahooDispatch From Cuba The NationKneecap’s breathtaking Cuban hypocrisy The Spe…
Republicans in Congress Fret Over Trump Administration’s Handling of Iran War
G.O.P. lawmakers who have given the Trump administration wide latitude to wage war with no congressional input are growing frustrated as officials offer little detail about ground troops, cost or timeline.
Egypt says it is ready to host Iran de-escalation talks
Egypt’s Foreign Minister Badr Abdelatty said Cairo is ready to host talks on Iran to support de-escalation.
Iran threatens to seize control of another key strait in Red Sea if Trump launches ground invasion
The Houthi rebels in Yemen have so far not entered the war despite ties to Iran’s Revolutionary Guard
‘He came out slowly and said don’t shoot’: IDF officer recounts capture of Radwan operatives – ynetnews
‘He came out slowly and said don’t shoot’: IDF officer recounts capture of Radwan operatives ynetnewsIsrael sends more troops into southern Lebanon as ground invasion expands Al JazeeraAP is calling Israel’s attack on Lebanon an i…