Digital threats are becoming increasingly common, more sophisticated and more impactful as society's digital transformation continues and there is an ever-increasing dependence on digital technology. As a result, cyber security laws will increase both in number and extent. At a UK level, we have already seen the Cyber Security and Resilience Bill introduced in the Labour government's first King's Speech. The Bill aims to "strengthen the UK’s cyber defences [and] ensure that critical infrastructure and the digital services that companies rely on are secure" and will expand existing regulations to cover "more digital services and supply chains". In parallel, in September 2024, the UK government classified UK data centres as ‘Critical National Infrastructure’, a step designed to improve the security and resilience of these engines of the modern economy. Similarly, in the EU, the requirements of the revised Network and Information Systems Directive (NIS2) had to be implemented by EU members states by 17 October 2024, replacing the outdated laws implementing NIS1.