THANK you FOR Reaching out
One of our guardians will be in touch as soon as possible
To speak to us immediately, please call +44 20 3398 0973
To speak to us immediately, please call +44 20 3398 0973
Organisations who manufacture and sell products with digital elements into the European market are entering a period of regulatory change that will directly influence how products are designed, developed and maintained.
The Cyber Resilience Act (CRA) is regulatory change that is currently in motion, with phased obligations relevant from 11th September 2026 onwards. Broader compliance obligations are enforced as the regulation becomes fully enforceable later in the following year.
Artificial intelligence has been discussed in cyber security for years, largely through the lens of incremental improvement. Better detection, faster analysis, more automation in repetitive tasks, etc. What has not fundamentally changed, not to this level, at least, is the tempo of the threat landscape itself… until now. The launching of Mythos/Fable (and other Frontier AI) represents a clear changing point.
The UK rail sector faces complex cyber security challenges under the NCSC Cyber Assessment Framework (CAF). This includes protecting operational technology (OT), managing legacy signalling systems, and securing a highly fragmented supply chain across Network Rail, TOCs, and ROSCOs. The Department for Transport applies CAF within the NIS Regulations, prioritising passenger safety alongside cyber resilience, particularly during CP7 infrastructure programmes.