CSR Bill and Telecoms Supply Chains
In short: The Cyber Security and Resilience Bill does not impose NIS obligations on telecoms operators for their core network and service provision. NIS Regulation 8(1A) and the RMSP definition both exclude PECN/PECS providers. But the Bill catches operators’ IT suppliers as Relevant Managed Service Providers under ICO oversight, and operators running data centres above…
