Broad-brush cyber security legislation is increasingly being complemented by sector-specific rules in the EU and UK.  We look at the EU's Digital Operational Resilience Act (DORA) which focuses on the cyber resilience of the financial sector, and at the EU's Cyber Resilience Act and UK's Product Security and Telecommunications Act, which cover cyber security of connected products.  We also look at the wider cyber security regime in the EU and UK and consider how to build digital resilience.