Jersey Cyber Security Centre Newsletter
Posts
JCSC News: New guidance, Law workshops and plenty of jobs

JCSC News: New guidance, Law workshops and plenty of jobs

January 30, 2026 • Estimated Reading Time: 8 minutes

New guidance: Cyber Law
Cyber Law Workshops
JCSC signs agreements with JOIC and JCRA
Responding to severe cyber threats: a guide for CN …
Jobs in Cyber
Tools of the Month

Dear reader,

Last month, I told you I was very pleased to be able to write the sentence: “we are one step closer to a Cyber Security Law for Jersey.” Here’s a sentence I’m even happier to be able to write: “the draft Cyber Security Law was approved by the States Assembly, and should be coming into force later this year.”

I can only echo my thanks to all of you who have worked alongside us to develop the Law, respond to the consultations, and give us your candid thoughts on how this Law will work. You can read the full press release here, but for our team, but this milestone also marks the start of a busy period.

We will be producing guidance to support Operators of Essential Services (OES), who need to comply with the Law (see more on that below). So we’ll be spending the coming weeks contacting any organisations who we have reason to believe might meet the OES thresholds, and inviting them to our upcoming workshops (you can read more on that below, too).

Ahead of the Law coming into force (which will hopefully take place after Privy Council approval later this year) JCSC also needs to prepare for an appropriately-enhanced level of accountability and scrutiny, including producing a three year strategic plan in 2026, and our first annual report in early 2027.

Finally, we’ll be responsible for maintaining the OES list on behalf of the Minister. This responsibility will come into force with the Law, so we are also delivering a pre-registration process to make this easier.

In short: there is a lot for our small team to do. But, we firmly believe the Law will make Jersey more cyber secure, and protect the services we all rely on.

Until next time,

New guidance: Cyber Law

Our Cyber Law Information Hub has the latest information about the Law, and we’ll continue to update it with new guidance and clear standards as we move towards the Law coming into effect.

Since the the Law was approved by the States Assembly last week, we’ve refreshed the information available on the Cyber Law Information Hub. You can now find:

An easy-to-understand list of the thresholds for each OES subsector, so you can check whether your organisation is an Operator of Essential Services
An updated form for organisations to pre-register as an OES (you will only be able to register as an OES once the Law comes into force, but pre-registering means we will keep you up to date)
Clearer information about what you need to do if your organisation is an OES

We’ll continue to update this page in the coming months, but if you have specific questions you’d like answered, contact us via [email protected].

Cyber Law Workshops

If your organisation qualifies as an Operator of Essential Service (OES) under the draft Cyber Security Law, you’ll need to take certain steps when the Law comes into effect, including:

registering as an OES
putting in place appropriate and proportionate cyber security measures
reporting any significant incidents to JCSC

JCSC will develop guidance to support organisations in meeting these obligations, and we want to work alongside you to develop it. We’re hosting a series of workshops in February to give OES the opportunity to ask questions, and help us shape this guidance.

Each workshop is designed for a specific sector, and we recommend that you try and attend the workshop for your sector if at all possible. If we’ve not yet advertised a workshop for your sector, please keep an eye on our website, social media, and this newsletter for updates.

Friday 6 February: Energy and Water (12:30 – 14:00)
Friday 6 February: Digital* (14:30 - 16:00)
Thursday 12 February: Transport, Postal, Courier, Food (10:30 – 12:00)
Thursday 12 February: Digital* (13:00 – 14:30)
Thursday 19 February: Public Administration (10:00 – 12:30)
Thursday 19 February: Telecommunications (12:30 – 14:00)
Thursday February 26: Parishes (10:00 – 11.30)

(*we are running two sessions for this sector in anticipation of high demand)

Attendance is free but places are limited: tap the button below to book your place.

JCSC signs agreements with JOIC and JCRA

JCSC has now signed Memoranda of Understanding with the Jersey Data Protection Authority (Information Commissioner) and the Jersey Competition and Regulatory Authority.

These will allow us to work together in a streamlined way to support islanders and local organisations.

In particular, we will be working closely with JOIC to align data protection and cyber security so that organisations and individuals know how to protect their digital assets.

We will be working with JCRA on the implementation of new telecoms security rules, to ensure the island’s telecoms infrastructure is secure whilst avoiding duplication of effort or avoidable costs to industry.

Responding to severe cyber threats: a guide for CNI

UK NCSC have just published the below guide which provides essential guidance for Critical Infrastructure (CNI) and OES organisations in defending in the current raised cyber threat environment.

How to prepare for and plan your organisation's response to severe cyber threat: a guide for CNI

www.ncsc.gov.uk/collection/how-to-prepare-and-plan-your-organisations-response-to-severe-cyber-threat-a-guide-for-cni

Jobs in Cyber

Are you recruiting for a cyber role locally? Tell us at [email protected] and we’ll share your job listing with the community.

Assistant Manager - Information Security, Risk and Governance: JTC

This role would suit someone with experience in information security risk and governance, experience with Azure, and strong attention to detail.

Information Security Analyst/Senior Analyst: Ogier

This role would suit someone with experience in a professional services setting, good communication, and a desire to progress towards security certifications.

Penetration Tester: Cortida Ltd

This role would suit someone with three years’ experience of pen testing and experience with a range of pen testing tools.

Penetration Testing Team Leader: Cortida Ltd

This role would suit someone with a CHECK Team Leader qualification, six years’ experience of pen testing, and the ability to build relationships with a range of stakeholders.

Tools of the Month

Each month, we provide a round up of tools that our team have found useful, and which could be useful to cyber security professionals. If you’ve found a helpful tool you’d like to share, please email us and we’ll include it in a future newsletter.

Just the browser

A series of configuration files that allows you to remove AI features, telemetry, data reporting and product integrations for desktop web browsers.

Did you know? JCSC can check potentially malicious files for you in our sandbox, but please let us know before sending them over.