This is from the UK government’s website. The section I found most interesting is on the subject of regulatory oversight. It’s a change of emphasis for the regulator to be responsible for security. I’d like the other regulators for critical infrastructure to have similar remits…:
[…] At the heart of the new regime, the NCSC’s new Telecoms Security Requirements guidance will provide clarity to industry on what is expected in terms of network security. The TSRs will raise the height of the security bar and set out tough new standards to be met in the design and operation of the UK’s telecoms networks.
The government intends to legislate at the earliest opportunity to introduce a new comprehensive telecoms security regime – to be overseen by the regulator, Ofcom, and government. […]