{"id":10665,"date":"2026-01-14T16:13:10","date_gmt":"2026-01-14T15:13:10","guid":{"rendered":"https:\/\/www.gpsj.co.uk\/?p=10665"},"modified":"2026-01-14T16:18:18","modified_gmt":"2026-01-14T15:18:18","slug":"the-cyber-security-resilience-act-how-to-avoid-rip-and-replace-in-legacy-systems","status":"publish","type":"post","link":"https:\/\/www.gpsj.co.uk\/?p=10665","title":{"rendered":"The Cyber Security & Resilience Act: How to avoid rip and replace in legacy systems"},"content":{"rendered":"
\n
\"\"
Shannon Simpson<\/em><\/figcaption><\/figure>\n<\/div>\n\n\n

By Shannon Simpson, CEO, Cyro Cyber<\/em><\/p>\n\n\n\n

The Cyber Security & Resilience Act (CSR) is making its way through Parliament in 2026. Assurance will no longer be enough with the new Act. For too long cyber security it has been an underfunded, poorly-supported, tick-box measure. The arrival of the CSR Act will change this, especially as it comes weaponised by the enforced use of the anew Cyber Assessment Framework, known as a CAF and overseen by the National Cyber Security Centre (NCSC). Each regulator, or Oversight Body, will also have its own, enhanced CAF (eCAF).<\/p>\n\n\n\n

For critical national infrastructure and essential services, securing a network has unique challenges. Their systems have often been built up over many years and, in the case of operational tech, there was never any expectation it needed to sit alongside critical information tech. As a result, they are often unable to receive patches, are deeply integrated with critical processes and must remain operational 24\/7.<\/p>\n\n\n\n

These services can\u2019t just be shut down. So we recommend layering modern security processes around the legacy kit. This approach avoids the rip and replace idea and prepares for evolving threats. Here are some steps to take towards securing your critical network:<\/p>\n\n\n\n

Start where you are<\/strong><\/p>\n\n\n\n

The best way build resilience is to properly implement what you already have. It\u2019s not that government organisations don\u2019t invest in cyber resilience, it\u2019s that the implementation often wanes. Before spending on expensive new tools, configure the current systems and bring them up-to-date. This will put you in a better place to plan what needs doing next.<\/p>\n\n\n\n

Establish good governance<\/strong><\/p>\n\n\n\n

The Cyber Assurance Framework supports clear, experienced governance. The NCSC says:<\/p>\n\n\n\n

\u2018Effective security of network and information systems should be driven by organisational management and corresponding policies and practices. There should be clear governance structures in place with well-defined lines of responsibility and accountability for the security of network and information systems\u20191.<\/p>\n\n\n\n

Good governance needs to extend throughout the team with training that works. Credentials misuse is an easy way for attackers to access the system, and once they\u2019re in, to move laterally, exfiltrating data as they go. This form of attack has been seen on Councils in 2025.<\/p>\n\n\n\n

We\u2019re are not great advocates of the repeated tests some users have to take. Training needs to be interactive and preventative. So it stops users from moving on and redirects them to a test or explanation before they can continue. This method ingrains security procedures across the organisation.<\/p>\n\n\n\n

Support the full lifecycle<\/strong><\/p>\n\n\n\n

Part of the responsibility for short-termism lies with vendors. In a legacy system, the original vendors may no longer support the system. We would like to see pressure on vendors to provide ongoing support for legacy systems in government organisations. This would reduce the huge costs in technology end-of-life upgrades. Proper support from vendors will help to manage ongoing changes, and costs, in the cyber risk environment.<\/p>\n\n\n\n

Implement zero trust<\/strong><\/p>\n\n\n\n

A resilient system should be built on core zero trust principles. So all users have to explicitly verify themselves, access is limited to just-enough and segment access is minimised. Attacks on Councils in 2025 have come via unauthorised access to outdated legacy systems. In our work, we\u2019ve seen networks where none of the nodes are monitored and no alerts are sent, for example.<\/p>\n\n\n\n

Organisations can improve resilience and create an evidence trail by implementing zero trust methods. Instead of believing that everything behind the corporate firewall is safe, a zero trust model assumes every entry is a breach and demands verification from each request.<\/p>\n\n\n\n

There\u2019s also the new challenge of OT; dumb end-points. For example, cameras that monitor roads, rail and underground services are being digitalised. Traditionally this has been legacy<\/p>\n\n\n\n

technology on isolated networks. Now OT is increasingly on the same network as the critical systems, but without the accompanying security measures. OT needs segmenting and the principles of zero trust applying. Locking down communication between systems and enforcing least-privilege access can reduce attack surfaces and limits who can interact with critical components.<\/p>\n\n\n\n

Plan for evidence<\/strong><\/p>\n\n\n

\n
\"\"<\/figure>\n<\/div>\n\n\n

The CSR Act will require evidence that your security procedures work in practice. We\u2019ve identified some processes to help with this.<\/p>\n\n\n\n

\u00b7 Create a Senior Information Risk Owner position at Board level, with responsibility for security. This is a good way to ensure that difficult conversations don\u2019t get watered down at a senior level. The SIRO can also lead a security working group, which should include those with expertise and responsibility for security, not just those who procure it.<\/p>\n\n\n\n

\u00b7 Use the existing compliance regimes to accelerate the CAF. Review what\u2019s missing and how you can meet the requirements.<\/p>\n\n\n\n

\u00b7 Identify a breach back-up team and the technology it uses. If or when a breach happens, what do you do? What happens if the SOC is lost or your primary cloud provider goes down? Does everyone know what their role is?<\/p>\n\n\n\n

\u00b7 Start a testing programme for the systems and control you have. Record this and monitor change. This should include a schedule for Cyber Incidence Exercises (CIE). Identify who\u2019s involved.<\/p>\n\n\n\n

The best time to start with cyber security is always yesterday. But whatever stage you\u2019re at, now is the moment to review your cyber security. Now that the CAF will mandate certain processes, it\u2019s definitely time to show evidence of your network\u2019s resilience.<\/p>\n\n\n\n

Join us at CNI SEC – The Critical Summit for Critical Infrastructure<\/strong><\/p>\n\n\n\n

Thursday 29 January 2026<\/strong><\/p>\n\n\n\n

CNI Sec is an invitation-only gathering of the UK\u2019s most senior cyber leaders in critical national infrastructure. This exclusive forum is designed to drive action, turning complex regulation into workable strategies, securing legacy and OT systems, managing supply chain risk, and staying ahead of the most sophisticated threats.<\/p>\n\n\n\n

CNI SEC – The Critical Summit for Critical Infrastructure \u00b7 Luma<\/strong><\/p>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Shannon Simpson <\/p>\n

By Shannon Simpson, CEO, Cyro Cyber<\/p>\n

The Cyber Security & Resilience Act (CSR) is making its way through Parliament in 2026. Assurance will no longer be enough with the new Act. For too long cyber security it has been an underfunded, poorly-supported, tick-box measure. The arrival of the CSR Act will change <\/p>\n

Continue reading The Cyber Security & Resilience Act: How to avoid rip and replace in legacy systems<\/a><\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[4801,4798,4800,1147,417,26,264,143,3806,4799,310,416,422],"class_list":["post-10665","post","type-post","status-publish","format-standard","hentry","category-it-it-security","tag-caf","tag-cyber-assurance-framework","tag-cyber-security-resilience-act-csr","tag-cybersecurity","tag-government-journal","tag-gpsj","tag-gpsj-magazine","tag-it","tag-legacy","tag-ncsc","tag-public-sector","tag-public-sector-journal","tag-public-sector-magazine","odd"],"yoast_head":"\nThe Cyber Security & Resilience Act: How to avoid rip and replace in legacy systems - Government & Public Sector Journal<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.gpsj.co.uk\/?p=10665\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Cyber Security & Resilience Act: How to avoid rip and replace in legacy systems - Government & Public Sector Journal\" \/>\n<meta property=\"og:description\" content=\"Shannon Simpson By Shannon Simpson, CEO, Cyro Cyber The Cyber Security & Resilience Act (CSR) is making its way through Parliament in 2026. Assurance will no longer be enough with the new Act. For too long cyber security it has been an underfunded, poorly-supported, tick-box measure. The arrival of the CSR Act will change Continue reading The Cyber Security & Resilience Act: How to avoid rip and replace in legacy systems\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.gpsj.co.uk\/?p=10665\" \/>\n<meta property=\"og:site_name\" content=\"Government & Public Sector Journal\" \/>\n<meta property=\"article:published_time\" content=\"2026-01-14T15:13:10+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-14T15:18:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.gpsj.co.uk\/wp-content\/uploads\/2026\/01\/IMG_3433e-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1707\" \/>\n\t<meta property=\"og:image:height\" content=\"2560\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"The GPSJ Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"The GPSJ Team\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.gpsj.co.uk\\\/?p=10665#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.gpsj.co.uk\\\/?p=10665\"},\"author\":{\"name\":\"The GPSJ Team\",\"@id\":\"https:\\\/\\\/www.gpsj.co.uk\\\/#\\\/schema\\\/person\\\/d54386f99736367ec2789825fed93b4a\"},\"headline\":\"The Cyber Security & Resilience Act: How to avoid rip and replace in legacy systems\",\"datePublished\":\"2026-01-14T15:13:10+00:00\",\"dateModified\":\"2026-01-14T15:18:18+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.gpsj.co.uk\\\/?p=10665\"},\"wordCount\":983,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.gpsj.co.uk\\\/?p=10665#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.gpsj.co.uk\\\/wp-content\\\/uploads\\\/2026\\\/01\\\/IMG_3433e-683x1024.jpg\",\"keywords\":[\"CAF\",\"Cyber Assurance Framework\",\"Cyber Security & Resilience Act (CSR)\",\"Cybersecurity\",\"Government Journal\",\"GPSJ\",\"GPSJ Magazine\",\"IT\",\"legacy\",\"NCSC\",\"public sector\",\"Public Sector Journal\",\"Public Sector Magazine\"],\"articleSection\":[\"IT & IT Security\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.gpsj.co.uk\\\/?p=10665#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.gpsj.co.uk\\\/?p=10665\",\"url\":\"https:\\\/\\\/www.gpsj.co.uk\\\/?p=10665\",\"name\":\"The Cyber Security & Resilience Act: How to avoid rip and replace in legacy systems - Government & Public Sector Journal\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.gpsj.co.uk\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.gpsj.co.uk\\\/?p=10665#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.gpsj.co.uk\\\/?p=10665#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.gpsj.co.uk\\\/wp-content\\\/uploads\\\/2026\\\/01\\\/IMG_3433e-683x1024.jpg\",\"datePublished\":\"2026-01-14T15:13:10+00:00\",\"dateModified\":\"2026-01-14T15:18:18+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.gpsj.co.uk\\\/#\\\/schema\\\/person\\\/d54386f99736367ec2789825fed93b4a\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.gpsj.co.uk\\\/?p=10665#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.gpsj.co.uk\\\/?p=10665\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/www.gpsj.co.uk\\\/?p=10665#primaryimage\",\"url\":\"https:\\\/\\\/www.gpsj.co.uk\\\/wp-content\\\/uploads\\\/2026\\\/01\\\/IMG_3433e-scaled.jpg\",\"contentUrl\":\"https:\\\/\\\/www.gpsj.co.uk\\\/wp-content\\\/uploads\\\/2026\\\/01\\\/IMG_3433e-scaled.jpg\",\"width\":1707,\"height\":2560},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.gpsj.co.uk\\\/?p=10665#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.gpsj.co.uk\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The Cyber Security & Resilience Act: How to avoid rip and replace in legacy systems\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.gpsj.co.uk\\\/#website\",\"url\":\"https:\\\/\\\/www.gpsj.co.uk\\\/\",\"name\":\"Government & Public Sector Journal\",\"description\":\"Public Sector, Government, business, stories and news along with latest developments, research, thought leadership, strategy, policy and insights\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.gpsj.co.uk\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.gpsj.co.uk\\\/#\\\/schema\\\/person\\\/d54386f99736367ec2789825fed93b4a\",\"name\":\"The GPSJ Team\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/13cdd73dc4abbd6e05b80a0562c7c553a9104ad2e5e96ee20afca2c462894143?s=96&d=blank&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/13cdd73dc4abbd6e05b80a0562c7c553a9104ad2e5e96ee20afca2c462894143?s=96&d=blank&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/13cdd73dc4abbd6e05b80a0562c7c553a9104ad2e5e96ee20afca2c462894143?s=96&d=blank&r=g\",\"caption\":\"The GPSJ Team\"},\"sameAs\":[\"http:\\\/\\\/gpsj.co.uk\"],\"url\":\"https:\\\/\\\/www.gpsj.co.uk\\\/?author=3\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The Cyber Security & Resilience Act: How to avoid rip and replace in legacy systems - Government & Public Sector Journal","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.gpsj.co.uk\/?p=10665","og_locale":"en_GB","og_type":"article","og_title":"The Cyber Security & Resilience Act: How to avoid rip and replace in legacy systems - Government & Public Sector Journal","og_description":"Shannon Simpson By Shannon Simpson, CEO, Cyro Cyber The Cyber Security & Resilience Act (CSR) is making its way through Parliament in 2026. Assurance will no longer be enough with the new Act. For too long cyber security it has been an underfunded, poorly-supported, tick-box measure. The arrival of the CSR Act will change Continue reading The Cyber Security & Resilience Act: How to avoid rip and replace in legacy systems","og_url":"https:\/\/www.gpsj.co.uk\/?p=10665","og_site_name":"Government & Public Sector Journal","article_published_time":"2026-01-14T15:13:10+00:00","article_modified_time":"2026-01-14T15:18:18+00:00","og_image":[{"width":1707,"height":2560,"url":"https:\/\/www.gpsj.co.uk\/wp-content\/uploads\/2026\/01\/IMG_3433e-scaled.jpg","type":"image\/jpeg"}],"author":"The GPSJ Team","twitter_card":"summary_large_image","twitter_misc":{"Written by":"The GPSJ Team","Estimated reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.gpsj.co.uk\/?p=10665#article","isPartOf":{"@id":"https:\/\/www.gpsj.co.uk\/?p=10665"},"author":{"name":"The GPSJ Team","@id":"https:\/\/www.gpsj.co.uk\/#\/schema\/person\/d54386f99736367ec2789825fed93b4a"},"headline":"The Cyber Security & Resilience Act: How to avoid rip and replace in legacy systems","datePublished":"2026-01-14T15:13:10+00:00","dateModified":"2026-01-14T15:18:18+00:00","mainEntityOfPage":{"@id":"https:\/\/www.gpsj.co.uk\/?p=10665"},"wordCount":983,"commentCount":0,"image":{"@id":"https:\/\/www.gpsj.co.uk\/?p=10665#primaryimage"},"thumbnailUrl":"https:\/\/www.gpsj.co.uk\/wp-content\/uploads\/2026\/01\/IMG_3433e-683x1024.jpg","keywords":["CAF","Cyber Assurance Framework","Cyber Security & Resilience Act (CSR)","Cybersecurity","Government Journal","GPSJ","GPSJ Magazine","IT","legacy","NCSC","public sector","Public Sector Journal","Public Sector Magazine"],"articleSection":["IT & IT Security"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.gpsj.co.uk\/?p=10665#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.gpsj.co.uk\/?p=10665","url":"https:\/\/www.gpsj.co.uk\/?p=10665","name":"The Cyber Security & Resilience Act: How to avoid rip and replace in legacy systems - Government & Public Sector Journal","isPartOf":{"@id":"https:\/\/www.gpsj.co.uk\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.gpsj.co.uk\/?p=10665#primaryimage"},"image":{"@id":"https:\/\/www.gpsj.co.uk\/?p=10665#primaryimage"},"thumbnailUrl":"https:\/\/www.gpsj.co.uk\/wp-content\/uploads\/2026\/01\/IMG_3433e-683x1024.jpg","datePublished":"2026-01-14T15:13:10+00:00","dateModified":"2026-01-14T15:18:18+00:00","author":{"@id":"https:\/\/www.gpsj.co.uk\/#\/schema\/person\/d54386f99736367ec2789825fed93b4a"},"breadcrumb":{"@id":"https:\/\/www.gpsj.co.uk\/?p=10665#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.gpsj.co.uk\/?p=10665"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.gpsj.co.uk\/?p=10665#primaryimage","url":"https:\/\/www.gpsj.co.uk\/wp-content\/uploads\/2026\/01\/IMG_3433e-scaled.jpg","contentUrl":"https:\/\/www.gpsj.co.uk\/wp-content\/uploads\/2026\/01\/IMG_3433e-scaled.jpg","width":1707,"height":2560},{"@type":"BreadcrumbList","@id":"https:\/\/www.gpsj.co.uk\/?p=10665#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.gpsj.co.uk\/"},{"@type":"ListItem","position":2,"name":"The Cyber Security & Resilience Act: How to avoid rip and replace in legacy systems"}]},{"@type":"WebSite","@id":"https:\/\/www.gpsj.co.uk\/#website","url":"https:\/\/www.gpsj.co.uk\/","name":"Government & Public Sector Journal","description":"Public Sector, Government, business, stories and news along with latest developments, research, thought leadership, strategy, policy and insights","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.gpsj.co.uk\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/www.gpsj.co.uk\/#\/schema\/person\/d54386f99736367ec2789825fed93b4a","name":"The GPSJ Team","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/secure.gravatar.com\/avatar\/13cdd73dc4abbd6e05b80a0562c7c553a9104ad2e5e96ee20afca2c462894143?s=96&d=blank&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/13cdd73dc4abbd6e05b80a0562c7c553a9104ad2e5e96ee20afca2c462894143?s=96&d=blank&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/13cdd73dc4abbd6e05b80a0562c7c553a9104ad2e5e96ee20afca2c462894143?s=96&d=blank&r=g","caption":"The GPSJ Team"},"sameAs":["http:\/\/gpsj.co.uk"],"url":"https:\/\/www.gpsj.co.uk\/?author=3"}]}},"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/www.gpsj.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/10665","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.gpsj.co.uk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.gpsj.co.uk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.gpsj.co.uk\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.gpsj.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=10665"}],"version-history":[{"count":8,"href":"https:\/\/www.gpsj.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/10665\/revisions"}],"predecessor-version":[{"id":10676,"href":"https:\/\/www.gpsj.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/10665\/revisions\/10676"}],"wp:attachment":[{"href":"https:\/\/www.gpsj.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=10665"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.gpsj.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=10665"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.gpsj.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=10665"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}