“More specifically for cybersecurity, what does this mean for the upcoming GDPR and NIS Directive which will be formalized over the next few years? Currently, all EU laws still apply in the UK; at least over the course of the next two years as the UK untangles itself from the Union. However, the UK will need to determine not only whether they will (unilaterally) implement similar legislation in the future, but also decide whether to retroactively repeal or keep all past EU legislation adopted to date. This includes a fair few instruments.”
Source: Brexit v. EU: A Cybersecurity Perspective | ABI Research