{"id":191965,"date":"2024-12-11T15:16:03","date_gmt":"2024-12-11T15:16:03","guid":{"rendered":"https:\/\/legalvision.co.uk\/?p=191965"},"modified":"2025-04-05T07:00:45","modified_gmt":"2025-04-05T06:00:45","slug":"creating-cyber-security-policy","status":"publish","type":"post","link":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/","title":{"rendered":"Creating a Cyber Security Policy: Legal Requirements for Employers"},"content":{"rendered":"\n<p><a href=\"https:\/\/legalvision.co.uk\/startups\/cybersecurity-uk-startup\/\">Cyber security<\/a> is critical for UK businesses, including those hiring staff. Your company must protect its systems and data from cybersecurity risks and demonstrate compliance with key legal requirements such as the UK GDPR and the NIS Regulations. Cyber threats are increasing, and failing to mitigate risk against them can lead to serious consequences. A clear cyber security policy can help your business reduce the risk of cyber security incidents. This article explains the risks cyber security poses to businesses, the laws surrounding it, and how your employer business can implement steps to help manage these risks.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Why is Cyber Security a Risk for Employers?<\/h2>\n\n\n\n<p>As an employer, your business likely holds a range of personal and other sensitive and confidential information, such as customer data, financial records, and employee details. This means you will be an attractive target for cybercriminals. Cyberattacks can result in data loss, disrupt your operations, and cause significant financial losses. If a breach occurs that compromises personal data, regulators such as the ICO can impose penalties under the UK GDPR.&nbsp;<\/p>\n\n\n\n<p>Many <a href=\"https:\/\/legalvision.co.uk\/data-privacy-it\/six-cybersecurity-tips-working-from-home\/\">cyber security<\/a> breaches arise when businesses overlook avoidable risk issues. Weak passwords, unsecured software systems, lack of awareness and poor employee practices can provide easy opportunities for attackers. Your company must prioritise electronic security and take practical steps to secure its systems and data.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Which Laws Are Relevant to Cyber Security in the UK?<\/h2>\n\n\n\n<p><a href=\"https:\/\/legalvision.co.uk\/data-privacy-it\/nis-compliance\/\">Cyber security<\/a> obligations in the UK come from several laws.\u00a0<\/p>\n\n\n\n<p>For example:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>the <a href=\"https:\/\/legalvision.co.uk\/data-privacy-it\/uk-gdpr-policies-business\/\">UK GDPR<\/a> and <a href=\"https:\/\/legalvision.co.uk\/data-privacy-it\/key-things-data-protection-act-2018\/\"><em>Data Protection Act 2018<\/em><\/a> require businesses to adopt &#8220;appropriate technical and organisational measures&#8221; to secure personal data. If a breach risks individuals&#8217; rights and meets the reporting threshold, your business must notify the ICO within 72 hours. Although not cybersecurity requirements, its requirements set out key issues which are relevant to cybersecurity, e.g. regarding the protection of information;<\/li>\n\n\n\n<li>the <em><a href=\"https:\/\/www.gov.uk\/government\/collections\/nis-directive-and-nis-regulations-2018\">NIS Regulations 2018<\/a> <\/em>impose strict rules on certain types of operators, focussing on the security of IT systems; and<\/li>\n\n\n\n<li>the <a href=\"https:\/\/www.legislation.gov.uk\/ukpga\/2022\/46\/contents\"><em>Product Security and Telecommunications Infrastructure Act 2022<\/em><\/a> sets out duties for businesses that manufacture or distribute smart devices.<\/li>\n<\/ul>\n\n\n\n<p>If your business operates in specific regulated sectors, additional rules may apply. You must identify the laws that apply to your company and ensure compliance. You should seek legal advice if you need help understanding which cyber security laws apply to your business.<\/p>\n\n\n\n\n<a href=\"#content-next\"\n   class=\"block p-4 mt-10 text-xl font-bold text-center text-white no-underline bg-gray-800 rounded-t-xl\">\n    Continue reading this article below the form\n    <i class=\"text-xl fa-regular fa-arrow-down\"><\/i>\n<\/a>\n<div class=\"px-6 pt-10 pb-12 mb-10 text-center bg-gray-100 rounded-b-xl sm:px-12 test\">\n    <div class=\"mb-8 text-2xl font-bold text-orange\">\n        Need legal advice?\n        <br>\n        <span class=\"text-lg not-prose\">\n                            Call <a href=\"tel:+448081968584\" class=\"not-prose\">0808 196 8584<\/a> for urgent assistance.\n                <br>\n                Otherwise, complete this form, and we will contact you within one business day.\n                    <\/span>\n    <\/div>\n\n    \n\n<div class=\"not-prose flex justify-center text-left gform_input_bg_white    \">\n    <script>\nvar gform;gform||(document.addEventListener(\"gform_main_scripts_loaded\",function(){gform.scriptsLoaded=!0}),document.addEventListener(\"gform\/theme\/scripts_loaded\",function(){gform.themeScriptsLoaded=!0}),window.addEventListener(\"DOMContentLoaded\",function(){gform.domLoaded=!0}),gform={domLoaded:!1,scriptsLoaded:!1,themeScriptsLoaded:!1,isFormEditor:()=>\"function\"==typeof InitializeEditor,callIfLoaded:function(o){return!(!gform.domLoaded||!gform.scriptsLoaded||!gform.themeScriptsLoaded&&!gform.isFormEditor()||(gform.isFormEditor()&&console.warn(\"The use of gform.initializeOnLoaded() is deprecated in the form editor context and will be removed in Gravity Forms 3.1.\"),o(),0))},initializeOnLoaded:function(o){gform.callIfLoaded(o)||(document.addEventListener(\"gform_main_scripts_loaded\",()=>{gform.scriptsLoaded=!0,gform.callIfLoaded(o)}),document.addEventListener(\"gform\/theme\/scripts_loaded\",()=>{gform.themeScriptsLoaded=!0,gform.callIfLoaded(o)}),window.addEventListener(\"DOMContentLoaded\",()=>{gform.domLoaded=!0,gform.callIfLoaded(o)}))},hooks:{action:{},filter:{}},addAction:function(o,r,e,t){gform.addHook(\"action\",o,r,e,t)},addFilter:function(o,r,e,t){gform.addHook(\"filter\",o,r,e,t)},doAction:function(o){gform.doHook(\"action\",o,arguments)},applyFilters:function(o){return gform.doHook(\"filter\",o,arguments)},removeAction:function(o,r){gform.removeHook(\"action\",o,r)},removeFilter:function(o,r,e){gform.removeHook(\"filter\",o,r,e)},addHook:function(o,r,e,t,n){null==gform.hooks[o][r]&&(gform.hooks[o][r]=[]);var d=gform.hooks[o][r];null==n&&(n=r+\"_\"+d.length),gform.hooks[o][r].push({tag:n,callable:e,priority:t=null==t?10:t})},doHook:function(r,o,e){var t;if(e=Array.prototype.slice.call(e,1),null!=gform.hooks[r][o]&&((o=gform.hooks[r][o]).sort(function(o,r){return o.priority-r.priority}),o.forEach(function(o){\"function\"!=typeof(t=o.callable)&&(t=window[t]),\"action\"==r?t.apply(null,e):e[0]=t.apply(null,e)})),\"filter\"==r)return e[0]},removeHook:function(o,r,t,n){var e;null!=gform.hooks[o][r]&&(e=(e=gform.hooks[o][r]).filter(function(o,r,e){return!!(null!=n&&n!=o.tag||null!=t&&t!=o.priority)}),gform.hooks[o][r]=e)}});\n<\/script>\n\n                <div class='gf_browser_chrome gform_wrapper gravity-theme gform-theme--no-framework lawyer-form_wrapper gplaceholder_wrapper form-with-labels-no-asterisks_wrapper has-new-validation-error-styling_wrapper' data-form-theme='gravity-theme' data-form-index='0' id='gform_wrapper_2453' style='display:none'><div id='gf_2453' class='gform_anchor' tabindex='-1'><\/div><form method='post' enctype='multipart\/form-data' target='gform_ajax_frame_2453' id='gform_2453' class='lawyer-form gplaceholder form-with-labels-no-asterisks has-new-validation-error-styling' action='\/api\/wp\/v2\/posts\/191965#gf_2453' data-formid='2453' novalidate>\n                        <div class='gform-body gform_body'><div id='gform_fields_2453' class='gform_fields top_label form_sublabel_below description_below validation_below'><div id=\"field_2453_1000\" class=\"gfield gfield--type-honeypot gform_validation_container field_sublabel_below gfield--has-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_1000'>Phone<\/label><div class='ginput_container'><input name='input_1000' id='input_2453_1000' type='text' value='' autocomplete='new-password'\/><\/div><div class='gfield_description' id='gfield_description_2453_1000'>This field is for validation purposes and should be left unchanged.<\/div><\/div><div id=\"field_2453_1\" class=\"gfield gfield--type-text gfield--input-type-text gf_left_half gfield--width-half gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_1'>First Name<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_text'><input name='input_1' id='input_2453_1' type='text' value='' class='medium'     aria-required=\"true\" aria-invalid=\"false\"   \/><\/div><\/div><div id=\"field_2453_12\" class=\"gfield gfield--type-text gfield--input-type-text gf_right_half gfield--width-half gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_12'>Last Name<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_text'><input name='input_12' id='input_2453_12' type='text' value='' class='medium'     aria-required=\"true\" aria-invalid=\"false\"   \/><\/div><\/div><div id=\"field_2453_2\" class=\"gfield gfield--type-email gfield--input-type-email gf_left_half gfield--width-half gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_2'>Email Address<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_email'>\n                            <input name='input_2' id='input_2453_2' type='email' value='' class='medium'    aria-required=\"true\" aria-invalid=\"false\"  \/>\n                        <\/div><\/div><div id=\"field_2453_3\" class=\"gfield gfield--type-phone gfield--input-type-phone gf_right_half gfield--width-half gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_3'>Phone<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_phone'><input name='input_3' id='input_2453_3' type='tel' value='' class='medium'   aria-required=\"true\" aria-invalid=\"false\"   \/><\/div><\/div><div id=\"field_2453_14\" class=\"gfield gfield--type-select gfield--input-type-select gfield--width-full custom-select gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_14'>Number of Employees in Your Business<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_select'><select name='input_14' id='input_2453_14' class='large gfield_select'    aria-required=\"true\" aria-invalid=\"false\" ><option value='' selected='selected'>Select ...<\/option><option value='0' >0<\/option><option value='1' >1-5<\/option><option value='6' >6-20<\/option><option value='21' >21-50<\/option><option value='51' >51-250<\/option><option value='250' >250+<\/option><\/select><\/div><\/div><div id=\"field_2453_4\" class=\"gfield gfield--type-textarea gfield--input-type-textarea gfield_contains_required field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><label class='gfield_label gform-field-label' for='input_2453_4'>Tell us about your enquiry<span class=\"gfield_required\"><span class=\"gfield_required gfield_required_text\">(Required)<\/span><\/span><\/label><div class='ginput_container ginput_container_textarea'><textarea name='input_4' id='input_2453_4' class='textarea medium'     aria-required=\"true\" aria-invalid=\"false\"   rows='10' cols='50'><\/textarea><\/div><\/div><div id=\"field_2453_5\" class=\"gfield gfield--type-html gfield--input-type-html gfield_html gfield_html_formatted gfield_no_follows_desc field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  >By submitting this form, you agree to receive emails from LegalVision and can unsubscribe at any time. View our <a href=\"https:\/\/legalvision.co.uk\/privacy-notice\/\" target=\"_blank\">Privacy Policy<\/a>. <\/div><div id=\"field_2453_8\" class=\"gfield gfield--type-hidden gfield--input-type-hidden gform_hidden field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><div class='ginput_container ginput_container_text'><input name='input_8' id='input_2453_8' type='hidden' class='gform_hidden'  aria-invalid=\"false\" value='http:\/\/legalvision.co.uk\/api\/wp\/v2\/posts\/191965' \/><\/div><\/div><div id=\"field_2453_13\" class=\"gfield gfield--type-hidden gfield--input-type-hidden gform_hidden field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><div class='ginput_container ginput_container_text'><input name='input_13' id='input_2453_13' type='hidden' class='gform_hidden'  aria-invalid=\"false\" value='generic_form' \/><\/div><\/div><fieldset id=\"field_2453_999\" class=\"gfield gfield--type-checkbox gfield--type-choice gfield__uk-marketo-opt-in field_sublabel_below gfield--no-description field_description_below field_validation_below gfield_visibility_visible\"  ><legend class='gfield_label gform-field-label screen-reader-text' ><\/legend><div class='ginput_container ginput_container_checkbox'><div class='gfield_checkbox ' id='input_2453_999'><div class='gchoice gchoice_2453_999_1'>\n\t\t\t\t\t\t\t\t<input class='gfield-choice-input' name='input_999.1' type='checkbox'  value='1'  id='choice_2453_999_1'   \/>\n\t\t\t\t\t\t\t\t<label for='choice_2453_999_1' id='label_2453_999_1' class='gform-field-label gform-field-label--type-inline'>By submitting this form, you agree to receive content and event invitations from us to help you grow your business. If you do not want to receive such messages, tick here.<\/label>\n\t\t\t\t\t\t\t<\/div><\/div><\/div><\/fieldset><\/div><\/div>\n        <div class='gform-footer gform_footer top_label'> <button type=\"submit\" id=\"gform_submit_button_2453\" class=\"gform_button button\" onclick=\"gform.submission.handleButtonClick(this);\" data-submission-type=\"submit\"><span class=\"gform_submit_button__text\">Submit Now<\/span><\/button> <input type='hidden' name='gform_ajax' value='form_id=2453&amp;title=&amp;description=&amp;tabindex=0&amp;theme=gravity-theme&amp;hash=ec2463697d0d9cef7b71236ae60964c7' \/>\n            <input type='hidden' class='gform_hidden' name='gform_submission_method' data-js='gform_submission_method_2453' value='iframe' \/>\n            <input type='hidden' class='gform_hidden' name='gform_theme' data-js='gform_theme_2453' id='gform_theme_2453' value='gravity-theme' \/>\n            <input type='hidden' class='gform_hidden' name='gform_style_settings' data-js='gform_style_settings_2453' id='gform_style_settings_2453' value='' \/>\n            <input type='hidden' class='gform_hidden' name='is_submit_2453' value='1' \/>\n            <input type='hidden' class='gform_hidden' name='gform_submit' value='2453' \/>\n            \n            <input type='hidden' class='gform_hidden' name='gform_currency' data-currency='GBP' value='SZx7LXeeOyXnmnoniqYrKIylD6eovmuVeksi2lytqWDMLGaUXSrs4v7IEwjzUeFWOd6LheknF4GDldpNlzzjoXNfXpcNCOCt\/3yGLbDJk7H6BA0=' \/>\n            <input type='hidden' class='gform_hidden' name='gform_unique_id' value='' \/>\n            <input type='hidden' class='gform_hidden' name='state_2453' value='WyJ7XCIxNFwiOltcIjIyODY0N2ViMWU3NTcxZjA4YTY4NGJmMDcwMTk3Y2I0XCIsXCJiMzk3YmQ1MDBmMmFjNjk1ODE4MzdmNTBhYTA2MzQ0OFwiLFwiNGYyNGZkZGEwMzlkNDUxMWFhZGE1NGYwZmQwZmNiZTdcIixcIjUyMmJkMDE2M2I2ZmEwOTI3NDZhZjU5YTg0ZmM1NDk5XCIsXCIzODRlNjk1YjQxMTAzMWFiYmQ2ODEyMGYyZWFhMDYyNlwiLFwiYjkzNDcwNTE2MjkxOGRjZWViMjQzNzRjNmE0NGVmNTlcIixcIjQxMTliODZhMzVjYzJiMWViNDZiMmQ4NjRlNGUzZmNjXCJdfSIsIjQ3MjNiMzA2ZDIyZGVkODA2N2YyMjYyOThkYzI1ODVmIl0=' \/>\n            <input type='hidden' autocomplete='off' class='gform_hidden' name='gform_target_page_number_2453' id='gform_target_page_number_2453' value='0' \/>\n            <input type='hidden' autocomplete='off' class='gform_hidden' name='gform_source_page_number_2453' id='gform_source_page_number_2453' value='1' \/>\n            <input type='hidden' name='gform_field_values' value='' \/>\n            \n        <\/div>\n                        <\/form>\n                        <\/div>\n\t\t                <iframe style='display:none;width:0px;height:0px;' src='about:blank' name='gform_ajax_frame_2453' id='gform_ajax_frame_2453' title='This iframe contains the logic required to handle Ajax powered Gravity Forms.'><\/iframe>\n\t\t                <script>\ngform.initializeOnLoaded( function() {gformInitSpinner( 2453, 'https:\/\/legalvision.co.uk\/wp-content\/themes\/legalv-v6\/img\/spinner.svg', true );jQuery('#gform_ajax_frame_2453').on('load',function(){var contents = jQuery(this).contents().find('*').html();var is_postback = contents.indexOf('GF_AJAX_POSTBACK') >= 0;if(!is_postback){return;}var form_content = jQuery(this).contents().find('#gform_wrapper_2453');var is_confirmation = jQuery(this).contents().find('#gform_confirmation_wrapper_2453').length > 0;var is_redirect = contents.indexOf('gformRedirect(){') >= 0;var is_form = form_content.length > 0 && ! is_redirect && ! is_confirmation;var mt = parseInt(jQuery('html').css('margin-top'), 10) + parseInt(jQuery('body').css('margin-top'), 10) + 100;if(is_form){form_content.find('form').css('opacity', 0);jQuery('#gform_wrapper_2453').html(form_content.html());if(form_content.hasClass('gform_validation_error')){jQuery('#gform_wrapper_2453').addClass('gform_validation_error');} else {jQuery('#gform_wrapper_2453').removeClass('gform_validation_error');}setTimeout( function() { \/* delay the scroll by 50 milliseconds to fix a bug in chrome *\/ jQuery(document).scrollTop(jQuery('#gform_wrapper_2453').offset().top - mt); }, 50 );if(window['gformInitDatepicker']) {gformInitDatepicker();}if(window['gformInitPriceFields']) {gformInitPriceFields();}var current_page = jQuery('#gform_source_page_number_2453').val();gformInitSpinner( 2453, 'https:\/\/legalvision.co.uk\/wp-content\/themes\/legalv-v6\/img\/spinner.svg', true );jQuery(document).trigger('gform_page_loaded', [2453, current_page]);window['gf_submitting_2453'] = false;}else if(!is_redirect){var confirmation_content = jQuery(this).contents().find('.GF_AJAX_POSTBACK').html();if(!confirmation_content){confirmation_content = contents;}jQuery('#gform_wrapper_2453').replaceWith(confirmation_content);jQuery(document).scrollTop(jQuery('#gf_2453').offset().top - mt);jQuery(document).trigger('gform_confirmation_loaded', [2453]);window['gf_submitting_2453'] = false;wp.a11y.speak(jQuery('#gform_confirmation_message_2453').text());}else{jQuery('#gform_2453').append(contents);if(window['gformRedirect']) {gformRedirect();}}jQuery(document).trigger(\"gform_pre_post_render\", [{ formId: \"2453\", currentPage: \"current_page\", abort: function() { this.preventDefault(); } }]);        if (event && event.defaultPrevented) {                return;        }        const gformWrapperDiv = document.getElementById( \"gform_wrapper_2453\" );        if ( gformWrapperDiv ) {            const visibilitySpan = document.createElement( \"span\" );            visibilitySpan.id = \"gform_visibility_test_2453\";            gformWrapperDiv.insertAdjacentElement( \"afterend\", visibilitySpan );        }        const visibilityTestDiv = document.getElementById( \"gform_visibility_test_2453\" );        let postRenderFired = false;        function triggerPostRender() {            if ( postRenderFired ) {                return;            }            postRenderFired = true;            gform.core.triggerPostRenderEvents( 2453, current_page );            if ( visibilityTestDiv ) {                visibilityTestDiv.parentNode.removeChild( visibilityTestDiv );            }        }        function debounce( func, wait, immediate ) {            var timeout;            return function() {                var context = this, args = arguments;                var later = function() {                    timeout = null;                    if ( !immediate ) func.apply( context, args );                };                var callNow = immediate && !timeout;                clearTimeout( timeout );                timeout = setTimeout( later, wait );                if ( callNow ) func.apply( context, args );            };        }        const debouncedTriggerPostRender = debounce( function() {            triggerPostRender();        }, 200 );        if ( visibilityTestDiv && visibilityTestDiv.offsetParent === null ) {            const observer = new MutationObserver( ( mutations ) => {                mutations.forEach( ( mutation ) => {                    if ( mutation.type === 'attributes' && visibilityTestDiv.offsetParent !== null ) {                        debouncedTriggerPostRender();                        observer.disconnect();                    }                });            });            observer.observe( document.body, {                attributes: true,                childList: false,                subtree: true,                attributeFilter: [ 'style', 'class' ],            });        } else {            triggerPostRender();        }    } );} );\n<\/script>\n<\/div>\n<\/div>\n<div id=\"content-next\"><!-- scroll anchor --><\/div>\n<h2 class=\"wp-block-heading\">How Can Employers Manage Cyber Risks?<\/h2>\n\n\n\n<p>While cyber security is a real threat and worrying, there are various practical steps you can implement to protect yourself.<\/p>\n\n\n\n<div  class=\"box box--icon box--info\">\n    <p>Your business should identify and address vulnerabilities in its systems. Conducting regular cyber risk assessments can help you uncover weaknesses that need attention. These assessments may include audits, penetration tests, and vulnerability scans. If you identify problems (e.g., outdated software or insecure systems), you should immediately take remedial action to resolve them.<\/p>\n<\/div>\n\n\n\n<p>Human error causes many cyber breaches, so your business must train employees to handle data securely. As an employer, you should train your employees to recognise common threats such as phishing emails, use strong passwords, and follow secure processes when carrying out their roles. You should carefully tailor this training to your business&#8217;s specific risks.&nbsp;<\/p>\n\n\n\n<p>Even with strong defences, incidents can happen. Your business must, therefore, prepare and roll out a clear incident response plan and teach staff how to recognise, contain, report, and recover from attacks quickly. Regularly test the plan to ensure you can respond effectively and reduce disruption.<\/p>\n\n\n    <div class=\"my-7 lg:my-10 border-y-2 border-gray-100 py-7 lg:py-10 flex flex-col sm:flex-row items-start gap-10\">\n                    <img decoding=\"async\" class=\"w-52 mx-auto my-0! rounded\" src=\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2023\/07\/04001038\/uk-gdpr-factsheet.jpg\" alt=\"Front page of publication\"\n                 loading=\"lazy\" width=\"208\" height=\"298\">\n                <section>\n            <div class=\"text-2xl font-bold\">GDPR Essentials Factsheet<\/div>\n            <div class=\"body-text\">\n                <p>This factsheet sets out how your business can become GDPR compliant.<\/p>\n            <\/div>\n            \n\n<a href=\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2023\/07\/04001020\/LegalVision-UK-GDPR-Factsheet.pdf\" class=\" block px-5 py-3.5 max-w-fit bg-orange button__hover transition rounded text-white font-bold text-lg no-underline uppercase leading-tight text-center\" target=\"\" rel=\"\">Download Now<\/a>        <\/section>\n    <\/div>\n\n\n\n\n<h2 class=\"wp-block-heading\">How Can a Cyber Security Policy Support Your Business?<\/h2>\n\n\n\n<p>A cyber security policy is a best practice document that can help give your business a clear plan for protecting systems and data. It should clearly define organisational responsibilities, set standards, and specify rules for employees to follow. Your business should ensure the policy covers key areas such as data classification, access management, and incident reporting.<\/p>\n\n\n\n<p>You can include key rules to prevent electronic risks, such as creating secure passwords, information security requirements, and how to be attentive to potential attacks.<\/p>\n\n\n\n<p>The policy can also address additional protections, such as personal device use practices and rules preventing system misuse.<\/p>\n\n\n\n<div  class=\"box box--icon box--info\">\n    <p>To make your policy as effective as possible, you should draft it in straightforward language and include real-world examples so employees understand it.<\/p>\n<\/div>\n\n\n\n<p>If you adopt this policy, your business should regularly review and update it to address changing risks as cyber threats continue to develop over time.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Key Takeaways<\/h2>\n\n\n\n<p>Cybersecurity risk mitigation is vital for UK businesses. Creating an effective cyber security policy is a best practice tool that can help you prevent cyber risks, define responsibilities, set clear standards, and give your employees a clear understanding of cybersecurity risks. By taking a proactive approach and implementing such steps, you will be better positioned to reduce the potential impact of cyber threats.<\/p>\n\n\n\n<p>If you need help with a cyber security policy, our experienced <a href=\"https:\/\/legalvision.co.uk\/services\/data-privacy-it-lawyers\/\">Data, Privacy and IT lawyers<\/a> can assist as part of our LegalVision membership. For a low monthly fee, you will have unlimited access to lawyers to answer your questions and draft and review your documents. Call us today on <a href=\"tel:+448081968584\" class=\"AVANSERnumber dynamic-number\">0808 196 8584<\/a> or visit our <a href=\"https:\/\/legalvision.co.uk\/membership\/\">membership page<\/a>.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Frequently Asked Questions<\/h2>\n\n\n\n<div class=\"schema-faq wp-block-yoast-faq-block\"><div class=\"schema-faq-section\" id=\"faq-question-1733930134442\"><strong class=\"schema-faq-question\"><strong>What is a cyber security policy?<\/strong><\/strong> <p class=\"schema-faq-answer\">A cyber security policy is a document which sets out clear rules and responsibilities for protecting your business&#8217;s systems and data from electronic threats.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1733930148019\"><strong class=\"schema-faq-question\"><strong>Which laws govern cyber security in the UK?<\/strong><\/strong> <p class=\"schema-faq-answer\">A number of laws impose cyber security-related obligations, including the UK GDPR, the Data Protection Act 2018, and the NIS Regulations 2018. Your business may also need to comply with sector-specific regulations.<\/p> <\/div> <\/div>\n\n\n\n\n<div class=\"not-prose m-feedback-prompt\">\n    <!-- Thumbs up\/down bar -->\n    <div class=\"m-feedback-prompt__main\">\n        <div class=\"m-feedback-prompt__title\">Was this article helpful?<\/div>\n        <div>\n            <!--span class=\"m-feedback-prompt__button--text\">Thanks!<\/span-->\n            <button type=\"button\" class=\"m-feedback-prompt__button m-feedback-prompt__button--yes\"\n                    data-analytics-link=\"feedback-prompt:yes\" aria-label=\"Agree\">\n                <i class=\"fa-regular fa-thumbs-up fa-3x\"><\/i>\n            <\/button>\n            <button type=\"button\" class=\"m-feedback-prompt__button m-feedback-prompt__button--no\"\n                    data-analytics-link=\"feedback-prompt:no\" aria-label=\"Disagree\">\n                <i class=\"fa-regular fa-thumbs-down fa-3x\"><\/i>\n            <\/button>\n        <\/div>\n    <\/div>\n\n    <!-- Feedback form -->\n    <div class=\"m-feedback-prompt__form\">\n        <div class=\"m-feedback-prompt__form--thanks \">\n            <div>Thanks!<\/div>\n            <p>\n                We appreciate your feedback \u2013 your submission has been successfully received.            <\/p>\n        <\/div>\n        <form id=\"contact-form\" class=\"m-feedback-prompt__form--form\" action=\"\" method=\"post\">\n            <input type=\"hidden\" id=\"authenticity_token\" name=\"authenticity_token\" value=\"7ad8280d8e\" \/><input type=\"hidden\" name=\"_wp_http_referer\" value=\"\/api\/wp\/v2\/posts\/191965\" \/>            <input value=\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/\" type=\"hidden\" name=\"currenturl\"\n                   id=\"currenturl\">\n            <input value=\"Creating a Cyber Security Policy: Legal Requirements for Employers\" type=\"hidden\" name=\"currenttitle\"\n                   id=\"currenttitle\">\n            <label>\n                <!-- display on thumbs-up -->\n                <span class=\"m-feedback-prompt__feedback m-feedback-prompt__feedback--yes\">\n                    Can you tell us <span class=\"font-semibold\">why<\/span> you found it helpful?\n                <\/span>\n\n                <!-- display on thumbs-down -->\n                <span class=\"m-feedback-prompt__feedback m-feedback-prompt__feedback--no text-lg\">\n                    How can we better improve this article?\n                <\/span>\n                <textarea name=\"feedbackmessage\" id=\"feedbackmessage\" required><\/textarea>\n            <\/label>\n\n            <div class=\"m-feedback-prompt__form--error\" id=\"form-submit-error\"><\/div>\n            <button id=\"submit-contact-form-button\" type=\"submit\" name=\"commit\" class=\"m-feedback-prompt__form--submit\"\n                    data-analytics-link=\"feedback-prompt:submit\">\n                Submit            <\/button>\n        <\/form>\n    <\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Cyber security is critical for UK businesses, including those hiring staff. Your company must protect its systems and data from cybersecurity risks and demonstrate compliance with key legal requirements such as the UK GDPR and the NIS Regulations. Cyber threats are increasing, and failing to mitigate risk against them can lead to serious consequences. A<a href=\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/\">Continue reading <span class=\"sr-only\">&#8220;Creating a Cyber Security Policy: Legal Requirements for Employers&#8221;<\/span><\/a><\/p>\n","protected":false},"author":13436,"featured_media":3108,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","editor_notices":[],"footnotes":""},"categories":[27],"tags":[20,365,798],"class_list":["post-191965","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-data-privacy-it","tag-small-business","tag-gdpr","tag-data-protection-rules"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Creating a Cyber Security Policy | LegalVision UK<\/title>\n<meta name=\"description\" content=\"This article explores the risks cyber security poses to businesses, and the laws surrounding it, in the United Kingdom.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Creating a Cyber Security Policy | LegalVision UK\" \/>\n<meta property=\"og:description\" content=\"This article explores the risks cyber security poses to businesses, and the laws surrounding it, in the United Kingdom.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/\" \/>\n<meta property=\"og:site_name\" content=\"LegalVision UK\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/LegalVision\" \/>\n<meta property=\"article:published_time\" content=\"2024-12-11T15:16:03+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-04-05T06:00:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121502\/business-image-052248.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1149\" \/>\n\t<meta property=\"og:image:height\" content=\"766\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Sej Lamba\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@LegalVision_law\" \/>\n<meta name=\"twitter:site\" content=\"@LegalVision_law\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sej Lamba\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/\"},\"author\":{\"name\":\"Sej Lamba\",\"@id\":\"https:\/\/legalvision.co.uk\/#\/schema\/person\/85c8e51e5b8ce4c323980106fae16838\"},\"headline\":\"Creating a Cyber Security Policy: Legal Requirements for Employers\",\"datePublished\":\"2024-12-11T15:16:03+00:00\",\"dateModified\":\"2025-04-05T06:00:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/\"},\"wordCount\":852,\"image\":{\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121502\/business-image-052248.jpg\",\"keywords\":[\"small business\",\"gdpr\",\"data protection rules\"],\"articleSection\":[\"Data, Privacy and IT Articles\"],\"inLanguage\":\"en-GB\"},{\"@type\":[\"WebPage\",\"FAQPage\"],\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/\",\"url\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/\",\"name\":\"Creating a Cyber Security Policy | LegalVision UK\",\"isPartOf\":{\"@id\":\"https:\/\/legalvision.co.uk\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121502\/business-image-052248.jpg\",\"datePublished\":\"2024-12-11T15:16:03+00:00\",\"dateModified\":\"2025-04-05T06:00:45+00:00\",\"author\":{\"@id\":\"https:\/\/legalvision.co.uk\/#\/schema\/person\/85c8e51e5b8ce4c323980106fae16838\"},\"description\":\"This article explores the risks cyber security poses to businesses, and the laws surrounding it, in the United Kingdom.\",\"breadcrumb\":{\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#breadcrumb\"},\"mainEntity\":[{\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#faq-question-1733930134442\"},{\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#faq-question-1733930148019\"}],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#primaryimage\",\"url\":\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121502\/business-image-052248.jpg\",\"contentUrl\":\"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121502\/business-image-052248.jpg\",\"width\":1149,\"height\":766,\"caption\":\"Creating a Cyber Security Policy: Legal Requirements for UK Employers | LegalVision UK\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/legalvision.co.uk\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Data, Privacy and IT Articles\",\"item\":\"https:\/\/legalvision.co.uk\/category\/data-privacy-it\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Creating a Cyber Security Policy: Legal Requirements for Employers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/legalvision.co.uk\/#website\",\"url\":\"https:\/\/legalvision.co.uk\/\",\"name\":\"LegalVision UK\",\"description\":\"LegalVision is a commercial law firm in the UK with a commitment to innovation\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/legalvision.co.uk\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/legalvision.co.uk\/#\/schema\/person\/85c8e51e5b8ce4c323980106fae16838\",\"name\":\"Sej Lamba\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/legalvision.co.uk\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/legalvision.co.uk\/wp-content\/uploads\/sites\/4\/2024\/11\/cropped-Sehaj-Lamba-96x96.jpg\",\"contentUrl\":\"https:\/\/legalvision.co.uk\/wp-content\/uploads\/sites\/4\/2024\/11\/cropped-Sehaj-Lamba-96x96.jpg\",\"caption\":\"Sej Lamba\"},\"description\":\"Sej is a Legal Content Writer at LegalVision. She is an experienced legal content writer who enjoys writing legal guides, blogs, and know-how tools for businesses. She studied History at University College London and then developed a passion for law, which inspired her to become a qualified lawyer. Sej enjoys drawing on her legal knowledge and practical commercial acumen to draft legal content that is commercially focused and easy for businesses to understand. She is passionate about breaking down complex legal concepts into clear and valuable insights which businesses can digest and learn from. Sej has a strong interest in fast-developing areas such as data privacy law and AI and has drafted articles which have been published in leading UK legal website publications, including The Lawyer and The Law Society Gazette websites.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/sejlamba\/\"],\"url\":\"https:\/\/legalvision.co.uk\/author\/sehajlamba\/\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#faq-question-1733930134442\",\"name\":\"What is a cyber security policy?\",\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"A cyber security policy is a document which sets out clear rules and responsibilities for protecting your business's systems and data from electronic threats.\",\"inLanguage\":\"en-GB\"},\"inLanguage\":\"en-GB\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#faq-question-1733930148019\",\"name\":\"Which laws govern cyber security in the UK?\",\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"A number of laws impose cyber security-related obligations, including the UK GDPR, the Data Protection Act 2018, and the NIS Regulations 2018. Your business may also need to comply with sector-specific regulations.\",\"inLanguage\":\"en-GB\"},\"inLanguage\":\"en-GB\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Creating a Cyber Security Policy | LegalVision UK","description":"This article explores the risks cyber security poses to businesses, and the laws surrounding it, in the United Kingdom.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/","og_locale":"en_GB","og_type":"article","og_title":"Creating a Cyber Security Policy | LegalVision UK","og_description":"This article explores the risks cyber security poses to businesses, and the laws surrounding it, in the United Kingdom.","og_url":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/","og_site_name":"LegalVision UK","article_publisher":"https:\/\/www.facebook.com\/LegalVision","article_published_time":"2024-12-11T15:16:03+00:00","article_modified_time":"2025-04-05T06:00:45+00:00","og_image":[{"width":1149,"height":766,"url":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121502\/business-image-052248.jpg","type":"image\/jpeg"}],"author":"Sej Lamba","twitter_card":"summary_large_image","twitter_creator":"@LegalVision_law","twitter_site":"@LegalVision_law","twitter_misc":{"Written by":"Sej Lamba","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#article","isPartOf":{"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/"},"author":{"name":"Sej Lamba","@id":"https:\/\/legalvision.co.uk\/#\/schema\/person\/85c8e51e5b8ce4c323980106fae16838"},"headline":"Creating a Cyber Security Policy: Legal Requirements for Employers","datePublished":"2024-12-11T15:16:03+00:00","dateModified":"2025-04-05T06:00:45+00:00","mainEntityOfPage":{"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/"},"wordCount":852,"image":{"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#primaryimage"},"thumbnailUrl":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121502\/business-image-052248.jpg","keywords":["small business","gdpr","data protection rules"],"articleSection":["Data, Privacy and IT Articles"],"inLanguage":"en-GB"},{"@type":["WebPage","FAQPage"],"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/","url":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/","name":"Creating a Cyber Security Policy | LegalVision UK","isPartOf":{"@id":"https:\/\/legalvision.co.uk\/#website"},"primaryImageOfPage":{"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#primaryimage"},"image":{"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#primaryimage"},"thumbnailUrl":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121502\/business-image-052248.jpg","datePublished":"2024-12-11T15:16:03+00:00","dateModified":"2025-04-05T06:00:45+00:00","author":{"@id":"https:\/\/legalvision.co.uk\/#\/schema\/person\/85c8e51e5b8ce4c323980106fae16838"},"description":"This article explores the risks cyber security poses to businesses, and the laws surrounding it, in the United Kingdom.","breadcrumb":{"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#breadcrumb"},"mainEntity":[{"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#faq-question-1733930134442"},{"@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#faq-question-1733930148019"}],"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#primaryimage","url":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121502\/business-image-052248.jpg","contentUrl":"https:\/\/img.legalvision.com.au\/wp-content\/uploads\/sites\/4\/2022\/05\/24121502\/business-image-052248.jpg","width":1149,"height":766,"caption":"Creating a Cyber Security Policy: Legal Requirements for UK Employers | LegalVision UK"},{"@type":"BreadcrumbList","@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/legalvision.co.uk\/"},{"@type":"ListItem","position":2,"name":"Data, Privacy and IT Articles","item":"https:\/\/legalvision.co.uk\/category\/data-privacy-it\/"},{"@type":"ListItem","position":3,"name":"Creating a Cyber Security Policy: Legal Requirements for Employers"}]},{"@type":"WebSite","@id":"https:\/\/legalvision.co.uk\/#website","url":"https:\/\/legalvision.co.uk\/","name":"LegalVision UK","description":"LegalVision is a commercial law firm in the UK with a commitment to innovation","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/legalvision.co.uk\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/legalvision.co.uk\/#\/schema\/person\/85c8e51e5b8ce4c323980106fae16838","name":"Sej Lamba","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/legalvision.co.uk\/#\/schema\/person\/image\/","url":"https:\/\/legalvision.co.uk\/wp-content\/uploads\/sites\/4\/2024\/11\/cropped-Sehaj-Lamba-96x96.jpg","contentUrl":"https:\/\/legalvision.co.uk\/wp-content\/uploads\/sites\/4\/2024\/11\/cropped-Sehaj-Lamba-96x96.jpg","caption":"Sej Lamba"},"description":"Sej is a Legal Content Writer at LegalVision. She is an experienced legal content writer who enjoys writing legal guides, blogs, and know-how tools for businesses. She studied History at University College London and then developed a passion for law, which inspired her to become a qualified lawyer. Sej enjoys drawing on her legal knowledge and practical commercial acumen to draft legal content that is commercially focused and easy for businesses to understand. She is passionate about breaking down complex legal concepts into clear and valuable insights which businesses can digest and learn from. Sej has a strong interest in fast-developing areas such as data privacy law and AI and has drafted articles which have been published in leading UK legal website publications, including The Lawyer and The Law Society Gazette websites.","sameAs":["https:\/\/www.linkedin.com\/in\/sejlamba\/"],"url":"https:\/\/legalvision.co.uk\/author\/sehajlamba\/"},{"@type":"Question","@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#faq-question-1733930134442","name":"What is a cyber security policy?","acceptedAnswer":{"@type":"Answer","text":"A cyber security policy is a document which sets out clear rules and responsibilities for protecting your business's systems and data from electronic threats.","inLanguage":"en-GB"},"inLanguage":"en-GB"},{"@type":"Question","@id":"https:\/\/legalvision.co.uk\/data-privacy-it\/creating-cyber-security-policy\/#faq-question-1733930148019","name":"Which laws govern cyber security in the UK?","acceptedAnswer":{"@type":"Answer","text":"A number of laws impose cyber security-related obligations, including the UK GDPR, the Data Protection Act 2018, and the NIS Regulations 2018. Your business may also need to comply with sector-specific regulations.","inLanguage":"en-GB"},"inLanguage":"en-GB"}]}},"_links":{"self":[{"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/posts\/191965","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/users\/13436"}],"replies":[{"embeddable":true,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/comments?post=191965"}],"version-history":[{"count":4,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/posts\/191965\/revisions"}],"predecessor-version":[{"id":193309,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/posts\/191965\/revisions\/193309"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/media\/3108"}],"wp:attachment":[{"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/media?parent=191965"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/categories?post=191965"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/legalvision.co.uk\/api\/wp\/v2\/tags?post=191965"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}