- within Food, Drugs, Healthcare, Life Sciences, Employment and HR, Litigation and Mediation & Arbitration topic(s)
Senator challenges the Federal Communications Commission's (FCC) plan to roll back cyber security requirements introduced after Salt Typhoon hack
A leading member of the Senate Commerce Committee strongly urged the FCC to abandon its plan to repeal the cyber security rules adopted in the wake of last year's Salt Typhoon hack on U.S. telecom providers. It has been urged that the FCC drop its plan to vote on reversing the ruling, which had determined that federal law requires telecommunications carriers to safeguard networks against illegal access or the interception of communications, and that failure to implement specified cyber security practices could breach that obligation. The Senator described the FCC order issued at the end of the Biden administration as "a commonsense acknowledgement that providers are responsible for protecting public safety against cyber security threats."
UK introduces major cyber law reform to strengthen cyber security in critical sectors
On November 12, 2025, the Cyber Security and Resilience Bill was laid before Parliament to strengthen the UK's cyber security framework for public services and critical industries. The Bill expands regulatory coverage to include not only hospitals, power networks, the NHS, water companies, but also medium and large-scale companies offering IT, cyber security and digital support to these essential sectors. Under the new rules, regulators gain authority to designate "critical suppliers," which would need to comply with strict minimum cyber security requirements to reduce supply-chain vulnerabilities. Entities covered by the Bill would be required to report serious cyber incidents rapidly, notifying the relevant regulator and the National Cyber Security Centre ("NCSC") within 24 hours, and submitting a full report within 72 hours.
UK water systems face rising cyber risks
Since January 2024, the watchdog Drinking Water Inspectorate ("DWI") has logged five cyber- attack incidents against UK drinking-water facilities. Many similar intrusions globally, including in the US, Canada and Ireland, show that attackers can infiltrate systems close to operational controls, raising concern that water-supply infrastructure is now a viable target. Under current UK regulations, water utilities are only required to report cyber-attacks if they cause a disruption to services. The proposed Cyber Security and Resilience Bill (2025), expected to reach Parliament this year, would broaden mandatory reporting. Amid ongoing droughts and water stress in the UK, utilities must urgently strengthen cyber defences to protect critical infrastructure.
Bipartisan bill proposes ban on minors using AI Chatbots
A bipartisan bill introduced in the U.S. Congress, the GUARD Act, would require operators of AI chatbots to verify users' ages, and prohibit access for users who are minors. The bill defines "AI companions" as chatbots that deliver adaptive, human-like responses and are designed to simulate emotional or interpersonal interaction. Under the proposed law, developing or offering chatbots that enable minors to engage in sexual content, self-harm, or violence, or that encourage such conduct, would become a criminal offence. The legislation also mandates that chatbots must clearly disclose they are not human, and periodically remind users of this fact.
Alan Turing Institute refocuses on cyber defence to protect UK infrastructure
The Alan Turing Institute has announced a new mission prioritizing the protection of the UK's critical national infrastructure, including energy, transport and utilities, from increasing cyber-attack risks. As part of the strategic reset, 78 existing research projects were closed, completed, or spun out to align with national security priorities, and the institute's leadership shifted following the CEO's resignation. The organisation will deepen engagement with defence and security partners while continuing AI initiatives in health and environmental fields, though cyber defence is now the central mandate.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
