Have you ever clicked on a link in an email that appeared genuine only to find out you had just failed a phishing attempt test set out by your IT department?

These tests may look like they are meant to embarrass the unwary, but they are really a crucial element of a wider cyber protection strategy aiming to reduce opportunities for cyber criminals to exploit vulnerabilities and access data.

The government has a host of weapons in its armoury to fight cybercrime and support businesses in their own efforts, including the Computer Misuse Act 1990 (CMA). However, with only about 500 prosecutions brought under it between 1990 and 2018, the question arises as to whether it is fit for purpose.

In this article for The Law Society Gazette, Charlotte Tregunna and Sabrin Fetih discuss some of the initiatives and proposals put forward by the government to expand the UK’s cyber defences, including proposed legislative changes following a review of the CMA earlier this year and new legislation under the UK’s Fraud Strategy.