{"id":2664,"date":"2021-01-15T11:34:26","date_gmt":"2021-01-15T11:34:26","guid":{"rendered":"https:\/\/amtivo.com\/uk\/standards\/uncategorized\/untagged\/how-brexit-affect-business-cyber-security\/"},"modified":"2025-12-15T16:18:19","modified_gmt":"2025-12-15T16:18:19","slug":"how-brexit-affect-business-cyber-security","status":"publish","type":"standard-post-filter","link":"https:\/\/amtivo.com\/uk\/standards\/cyber-essentials\/insights\/how-brexit-affect-business-cyber-security\/","title":{"rendered":"How Will Brexit Affect Your Business\u2019 Cyber Security?"},"content":{"rendered":"

After years of negotiations, the UK has left the EU. But while much of the focus was initially on the details of business and trade, Brexit has the potential for sweeping changes to cyber security legislation. Find out what Brexit means for your organisation\u2019s approach to cyber security and how to prepare for any changes.<\/strong><\/p>\r\n

\u00a0<\/h2>\r\n

Does GDPR Still Apply After Brexit?<\/h2>\r\n

The General Data Protection Regulation (GDPR) was enshrined in UK law in 2018 \u2013 changing how personal data is processed. The rules and obligations it put in place applied to everyone who processes data belonging to people in the EU, including organisations outside of the EU if they have EU customers. Personal data is any information that can be used to identify a living person \u2013 that includes names, delivery details, HR data and payroll \u2013 so this meant most businesses had to make big changes in order to comply.<\/p>\r\n

Under the Withdrawal Agreement, EU data protection law was converted into UK domestic law. The government has stated that \u2018The provisions of the EU GDPR were incorporated directly into UK law at the end of the transition period. The UK GDPR sits alongside the DPA 2018 with some technical amendments so that it works in a UK-only context.\u2019 It also emphasised that \u2018The UK remains committed to high data protection standards.\u2019<\/p>\r\n

\u00a0<\/h2>\r\n

Will Organisations Face New Cyber Security Legislation After Brexit?<\/h2>\r\n

Any UK businesses active in the EU still have to comply with GDPR. That\u2019s because the regulation applies both to organisations with headquarters or branches located in the EU and also to those located exclusively outside of the EU but offer goods and services to or monitor individuals in the EU. But does the government have plans to relax this in the future?<\/p>\r\n

Prime Minister Boris Johnson\u2019s former chief adviser Dominic Cummings made no secret of his disdain for GDPR. He championed vast data collection and saw Brexit as an opportunity for Britain to do away with what he described as \u2018idiotic laws\u2019. \u2018We will be able to navigate between America\u2019s poor protection of privacy and the EU\u2019s hostility to technology and entrepreneurs,\u2019 he said.<\/a><\/p>\r\n

Cummings may be gone, but some of his thinking remains. In September 2020, the government unveiled its National Data Strategy. It contained a pledge to remove legal barriers \u2018real and perceived\u2019 to data use, alleviating data compliance obligations, particularly for SMEs. It also pointed towards a future of increased international data sharing and promised to deliver a \u2018radical transformation of how the government understands and unlocks the value of its own data.\u2019<\/a><\/p>\r\n

\u00a0<\/h2>\r\n

Could Divergence From GDPR Be a Good Thing for Business?<\/h2>\r\n

At first glance, GDPR can seem like a huge undertaking for SMEs, so some business owners might welcome the idea of diverging from the EU regulation. But, while the European Commission (EC) has acknowledged the complexities GDPR poses to some SMEs, it has also argued that businesses should not be exempt from data obligations because of their size.<\/p>\r\n

UK relaxation of these rules could create concerning loopholes and confusion, eroding public trust in smaller companies. Equally troubling is the strategy\u2019s approach to cross-border data transfers, with decisions resting solely in the hands of the Secretary of State (previously requiring consultation between the EC, the Europeans Data Protection Board and member state representatives). This lack of oversight could lead to personal data being sold off to the highest bidder or becoming a pivotal pawn in trade negotiations.<\/p>\r\n

If the UK were to relax local cyber security laws, any businesses that trade internationally would also face the prospect of complying with multiple sets of requirements: one set for UK customers, one for EU customers.<\/p>\r\n

\u00a0<\/h2>\r\n

Is the UK Likely To Relax Cyber Security Legislation?<\/h2>\r\n

While there might be an ideological desire in government to relax cyber security legislation, practical considerations might mean that we won\u2019t see any changes just yet.<\/p>\r\n

The Withdrawal Agreement created a six-month \u2018bridging mechanism\u2019 that allows the free flow of data between the EU and the UK. But this mechanism will only last until the EU has finished conducting a data adequacy assessment of the UK. A positive outcome would mean that personal data can continue to flow freely from the EU to the UK, without businesses needing to take action. A negative outcome could have major implications for data movement and sharing.<\/p>\r\n

As such, it is in the UK Government\u2019s interest to maintain alignment with GDPR to achieve that positive outcome. But this does not preclude the possibility that it will later seek to diverge from GDPR.<\/p>\r\n

\u00a0<\/h2>\r\n

How Can Businesses Prepare for Compliance Post-Brexit?<\/h2>\r\n

The best approach right now is to continue to comply with GDPR<\/a>. This will mean you remain compliant with laws as they exist, and give you a greater chance of being already compliant with any relaxed laws the UK introduces.<\/p>\r\n

After all, GDPR itself caused a lot of concern back in 2018. But while some businesses struggled to adapt, many of the issues were caused by having only limited existing cyber security frameworks. The businesses that had already implemented rigorous security practices, such as an Information Security Management System (ISMS)<\/a>, were already compliant in most areas dictated by the regulation.<\/p>\r\n

That\u2019s because an ISMS furnishes an organisation with clear, rigorous internal processes that help staff members ensure that data is kept safe and gives them clear guidance if and when things go wrong. And the better your internal processes, the better prepared you\u2019ll be to meet the requirements of any new legislation that may come into force.<\/p>\r\n

\u00a0<\/h2>\r\n

Preparing for What\u2019s To Come<\/h2>\r\n

It\u2019s impossible to predict the future, and Brexit has certainly introduced uncertainty to some areas of business. Cyber security is just one of those areas, but maintaining the strictest information security isn\u2019t just about protecting your customers and instilling trust in your business; it also leaves you prepared for any changes to legislation that might occur in the near future.<\/p>\r\n

To find out more about Information Security Management Systems, take a look at our Beginner\u2019s Guide to ISO 27001<\/a>, the internationally-recognised ISMS standard, and discover how you can defend your data and your business in a post-Brexit world.<\/p>","protected":false},"excerpt":{"rendered":"How Brexit affects your business\u2019s cyber security and GDPR compliance and how to stay prepared.","protected":false},"author":24,"featured_media":2164,"template":"","meta":{"_acf_changed":false,"_searchwp_excluded":"","footnotes":""},"standard-post-categories":[31],"standard-post-tags":[32],"class_list":["post-2664","standard-post-filter","type-standard-post-filter","status-publish","has-post-thumbnail","hentry","standard-post-categories-insights","standard-post-tags-cyber-essentials"],"acf":[],"yoast_head":"\nHow Will Brexit Affect Your Business\u2019 Cyber Security?<\/title>\n<meta name=\"description\" content=\"How Brexit affects your business\u2019s cyber security and GDPR compliance and how to stay prepared.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/amtivo.com\/uk\/standards\/cyber-essentials\/insights\/how-brexit-affect-business-cyber-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How Will Brexit Affect Your Business\u2019 Cyber Security?\" \/>\n<meta property=\"og:description\" content=\"How Brexit affects your business\u2019s cyber security and GDPR compliance and how to stay prepared.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/amtivo.com\/uk\/standards\/cyber-essentials\/insights\/how-brexit-affect-business-cyber-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Amtivo UK\" \/>\n<meta property=\"article:modified_time\" content=\"2025-12-15T16:18:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/amtivo.com\/uk\/wp-content\/uploads\/sites\/20\/2021\/01\/eu-flag.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"475\" \/>\n\t<meta property=\"og:image:height\" content=\"348\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/amtivo.com\/uk\/wp-content\/uploads\/sites\/20\/2025\/04\/testimonialImage-placeholder.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"5 minutes\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How Will Brexit Affect Your Business\u2019 Cyber Security?","description":"How Brexit affects your business\u2019s cyber security and GDPR compliance and how to stay prepared.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/amtivo.com\/uk\/standards\/cyber-essentials\/insights\/how-brexit-affect-business-cyber-security\/","og_locale":"en_GB","og_type":"article","og_title":"How Will Brexit Affect Your Business\u2019 Cyber Security?","og_description":"How Brexit affects your business\u2019s cyber security and GDPR compliance and how to stay prepared.","og_url":"https:\/\/amtivo.com\/uk\/standards\/cyber-essentials\/insights\/how-brexit-affect-business-cyber-security\/","og_site_name":"Amtivo UK","article_modified_time":"2025-12-15T16:18:19+00:00","og_image":[{"width":475,"height":348,"url":"https:\/\/amtivo.com\/uk\/wp-content\/uploads\/sites\/20\/2021\/01\/eu-flag.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_image":"https:\/\/amtivo.com\/uk\/wp-content\/uploads\/sites\/20\/2025\/04\/testimonialImage-placeholder.jpg","twitter_misc":{"Estimated reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/amtivo.com\/uk\/standards\/cyber-essentials\/insights\/how-brexit-affect-business-cyber-security\/","url":"https:\/\/amtivo.com\/uk\/standards\/cyber-essentials\/insights\/how-brexit-affect-business-cyber-security\/","name":"How Will Brexit Affect Your Business\u2019 Cyber Security?","isPartOf":{"@id":"https:\/\/amtivo.com\/uk\/#website"},"primaryImageOfPage":{"@id":"https:\/\/amtivo.com\/uk\/standards\/cyber-essentials\/insights\/how-brexit-affect-business-cyber-security\/#primaryimage"},"image":{"@id":"https:\/\/amtivo.com\/uk\/standards\/cyber-essentials\/insights\/how-brexit-affect-business-cyber-security\/#primaryimage"},"thumbnailUrl":"https:\/\/amtivo.com\/uk\/wp-content\/uploads\/sites\/20\/2021\/01\/eu-flag.jpg","datePublished":"2021-01-15T11:34:26+00:00","dateModified":"2025-12-15T16:18:19+00:00","description":"How Brexit affects your business\u2019s cyber security and GDPR compliance and how to stay prepared.","breadcrumb":{"@id":"https:\/\/amtivo.com\/uk\/standards\/cyber-essentials\/insights\/how-brexit-affect-business-cyber-security\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/amtivo.com\/uk\/standards\/cyber-essentials\/insights\/how-brexit-affect-business-cyber-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/amtivo.com\/uk\/standards\/cyber-essentials\/insights\/how-brexit-affect-business-cyber-security\/#primaryimage","url":"https:\/\/amtivo.com\/uk\/wp-content\/uploads\/sites\/20\/2021\/01\/eu-flag.jpg","contentUrl":"https:\/\/amtivo.com\/uk\/wp-content\/uploads\/sites\/20\/2021\/01\/eu-flag.jpg","width":475,"height":348,"caption":"EU Flag"},{"@type":"BreadcrumbList","@id":"https:\/\/amtivo.com\/uk\/standards\/cyber-essentials\/insights\/how-brexit-affect-business-cyber-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/amtivo.com\/uk\/"},{"@type":"ListItem","position":2,"name":"Standards","item":"https:\/\/amtivo.com\/uk\/standards\/"},{"@type":"ListItem","position":3,"name":"Cyber Essentials","item":"https:\/\/amtivo.com\/uk\/standards\/cyber-essentials\/"},{"@type":"ListItem","position":4,"name":"Insights","item":"https:\/\/amtivo.com\/uk\/standards\/insights\/"},{"@type":"ListItem","position":5,"name":"How Will Brexit Affect Your Business\u2019 Cyber Security?"}]},{"@type":"WebSite","@id":"https:\/\/amtivo.com\/uk\/#website","url":"https:\/\/amtivo.com\/uk\/","name":"Amtivo","description":"","publisher":{"@id":"https:\/\/amtivo.com\/uk\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/amtivo.com\/uk\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/amtivo.com\/uk\/#organization","name":"Amtivo","url":"https:\/\/amtivo.com\/uk\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/amtivo.com\/uk\/#\/schema\/logo\/image\/","url":"https:\/\/amtivo.com\/uk\/wp-content\/uploads\/sites\/20\/2025\/10\/cropped-BAB-Amtivo-Joint-Logo-Updated-300ppi.png","contentUrl":"https:\/\/amtivo.com\/uk\/wp-content\/uploads\/sites\/20\/2025\/10\/cropped-BAB-Amtivo-Joint-Logo-Updated-300ppi.png","width":371,"height":203,"caption":"Amtivo"},"image":{"@id":"https:\/\/amtivo.com\/uk\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/amtivo.com\/uk\/wp-json\/wp\/v2\/standard-post-filter\/2664","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/amtivo.com\/uk\/wp-json\/wp\/v2\/standard-post-filter"}],"about":[{"href":"https:\/\/amtivo.com\/uk\/wp-json\/wp\/v2\/types\/standard-post-filter"}],"author":[{"embeddable":true,"href":"https:\/\/amtivo.com\/uk\/wp-json\/wp\/v2\/users\/24"}],"version-history":[{"count":13,"href":"https:\/\/amtivo.com\/uk\/wp-json\/wp\/v2\/standard-post-filter\/2664\/revisions"}],"predecessor-version":[{"id":7134,"href":"https:\/\/amtivo.com\/uk\/wp-json\/wp\/v2\/standard-post-filter\/2664\/revisions\/7134"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/amtivo.com\/uk\/wp-json\/wp\/v2\/media\/2164"}],"wp:attachment":[{"href":"https:\/\/amtivo.com\/uk\/wp-json\/wp\/v2\/media?parent=2664"}],"wp:term":[{"taxonomy":"standard-post-categories","embeddable":true,"href":"https:\/\/amtivo.com\/uk\/wp-json\/wp\/v2\/standard-post-categories?post=2664"},{"taxonomy":"standard-post-tags","embeddable":true,"href":"https:\/\/amtivo.com\/uk\/wp-json\/wp\/v2\/standard-post-tags?post=2664"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}