CBN Newsletter | December 2025

Our monthly update bringing you the relevant, high-level policy and business news from across the cyber sector. 

This month, we take a look at our Inaugural Parliament & Cyber Conference, the Government’s Autumn budget, alongside a raft of other public and private sector announcements.

If you have any questions about the content, or believe we should add to our coverage, please do not hesitate to get in touch. 

never miss a thing

Sign Up to Hear about News and events

Sign up

Headlines

Security Minister speaks at Parliament and Cyber Conference 

Minister for Security Dan Jarvis delivered the keynote speech at our first Parliament and Cyber Conference 2025, in which he called for stronger cyber resilience across government, business and society with the escalation of cyber threats in a hyper-connected world. 

Jarvis highlighted how, if cybercrime were an economy, it would be the third biggest in the world with global scams expecting to cost $27 trillion a year by 2027. The government is seeking to act with both legislation and policy, including the recently introduced Cyber Security and Resilience Bill, and the Counter Political Interference and Espionage Action Plan as well as support of the NCSC.

During his address at the conference, Jarvis noted that “Our tech sector is one of the most crucial chips in the economy’s motherboard. One that takes its cyber security seriously. I hope that, through Government support and their own initiative, that the rest of our business leaders follow in your footsteps.”

Government’s publishes Cyber Security and Resilience Bill

The Government introduced the Cyber Security and Resilience Bill for its First Reading in the House of Commons on 12 November 2025, marking the first time a UK Bill has included “cyber” in its title. The legislation represents a significant effort to modernise the UK’s cyber framework by expanding the scope of regulated services, strengthening reporting requirements and providing regulators with enhanced tools to enforce compliance. It builds on the Cyber Governance Code of Practice published in April 2025 and further develops the UK’s NIS regime, bringing it closer, though not fully in line with, the EU’s NIS2 directive.

The Bill widens the range of organisations subject to cybersecurity standards, introducing data centres as essential services under joint oversight from Ofcom and the DSIT Secretary of State.The Bill also, amongst other provisions:

Please contact secretariat@cb-network.org for more information on the Bill.

Policy panel: Designing a resilient future

At the Parliament and Cyber Conference, during the Panel “UK cyber policy: designing a resilient future”, speakers, including Cyber Innovation APPG officer Alison Griffiths MP, and Jonathon Ellison, National Resilience Director at the NCSC  emphasised the scale of the challenge and the importance of ensuring the Bill is implemented in a way that is both effective and proportionate. 

Across our events, there was clear consensus from both public and private sector voices on the need for sustained cross‑collaboration as the Bill progressed through Parliament, with particular focus on proportional definitions, workable reporting obligations and transparent approaches to designating critical suppliers.

Innovation panel: Securing our future in a world of AI and quantum 

The second panel at Parliament and Cyber Conference 2025, titled  “The next frontier: securing our future in a world of AI and quantum,” examined how emerging technologies are reshaping both opportunity and risk for the UK.

Artificial intelligence was discussed as a major driver of growth and productivity, but panellists underlined how it has already begun to transform the cyber threat landscape. Panellists highlighted escalating AI enabled fraud, the potential misuse of generative tools, and complex questions of accountability in autonomous defence systems. Looking ahead, they noted that the emergence of quantum computing could further disrupt existing cyber security protocols and undermine many of today’s cryptographic standards.

The panel focused on how the government can respond with agile and effective policy, working closely with industry to strengthen resilience and protect both the economy and wider society. 

Speakers included Daniel Aldridge MP, Chair of the APPG for Cyber Innovation, Zeki Turedi, Field CTO at CrowdStrike, Shaukat Ali Khan, CDIO at NHS West Yorkshire, Dr Melanie G., Associate Professor at UCL, and Sean Remnant, CSO at Exclusive Networks. 

Insights

What to expect in 2026 from CBN

Following our Conference it was clear that cyber resilience is now firmly established as a national priority.

With more than 150 parliamentarians, policymakers, academics and industry leaders there was a clear consensus from both public and private sector voices emphasising the need for sustained cross‑collaboration as the Bill progresses through Parliament, with particular focus on proportional definitions, workable reporting obligations and transparent approaches to designating critical suppliers.

In 2026, CBN looks forward to working constructively with the Government as it sets out its plans across Cyber Security, most notably the Cyber Security & Resilience Bill, as well as the forthcoming  National Cyber Action Plan, and broader government approaches. We are excited to develop on the progress made this year, including supporting the APPG for Cyber Innovation, to create further opportunities for engagement with key stakeholders. 

Please do get in touch with the team at secretariat@cb-network.org for more information. 

Policy & Political

Autumn Budget 2025

After much speculation and anticipation, the Chancellor’s Autumn Budget was unveiled – albeit  following a premature leak from the Office for Budget Responsibility

The Budget was presented as making the “fair and necessary choices” to ease pressures on households, strengthen public services and support growth. 

Cyber was predominantly absent from the Chancellor’s Budget speech. With her self-imposed rules preventing rises to income tax, National Insurance or VAT, she instead relied on freezing income thresholds and introducing a series of wider tax increases to reduce borrowing and create future fiscal headroom. Business rates for retail, hospitality and leisure will be permanently lowered, funded in part by higher rates for the most expensive properties. Notably: 

Technology also featured prominently, with commitments on AI infrastructure and data centres, new AI Growth Zones and a brief reaffirmation of previously published digital ID plans in the context of immigration control and efficiency savings, as well as reaffirmation of defence spending targets. 

Ministers and NCSC write to small business on cyber security

Minister Liz Lloyd, Minister Blair McDougall and the National Cyber Security Centre (NCSC) CEO Richard Horne have written to small businesses reminding them of the resources available to them to ensure that  they remain cyber secure – including the free Cyber Action Toolkit, Cyber Essentials, and Action Fraud.

The signatories urge small businesses to take these steps to remain resilient in the face of increasing cyber attacks; half of small businesses in the UK report having suffered a cyber attack in the previous 12 months and 35% of micro businesses reported phishing attacks.

The NCSC has also published a dedicated blog on these available resources, which can be seen here.

NCSC Stop! Think Fraud campaign

The NCSC has launched a nationwide Stop! Think Fraud campaign, offering advice to individuals and small businesses ahead of the busy festive period. The campaign encourages online shoppers to follow tips from the Home Office and the NCSC to avoid online scams, with individuals encouraged to report suspicious activity to the NCSC. 

Cyber recruits graduate from Defence Cyber Academy

An inaugural group of around 30 graduates will enter operational roles in cyber defence following their training at Defence Cyber Academy on their fast-track Cyber Direct Entry programme, with new training places available for people aged 18-39 for 2026.

The graduates will be joining the new Defence Cyber & Electromagnetic Force (DCEMF).

The entry route sees basic training reduced from 10 weeks to around one month, after which recruits undergo three months’ specialist training. 

In 2025, the UK faced 18 major cyber incidents – an almost 50% increase on the previous year and the third consecutive annual rise.

Research and analysis: Research on mapping the AI and software cyber security services market

The government is carrying out research on mapping the AI and software cyber security services market. Commissioned by DSIT, this project aims to better understand the skills, services, and tools available to support organisations in the UK in meeting the requirements of the Global Standard for AI Cyber Security and the Software Security Code of Practice.

The research will build on this market analysis, and will consist of a telephone survey of UK-based organisations that provide AI and/or software cyber security services.

NCSC Updates

Parliamentary Questions

This past month, questions were answered on army recruitment into their cyber stream, the growth of a grey area in cyber defence investment, and cyber-security based amendments to regulations of telecoms infrastructure One debate highlighted the role of the Council of Europe in tackling cyber crime, and the yearly debate on Remembrance Day outlined the growth of military personnel specialising in cyber warfare. The need to highlight cybersecurity training amongst SME’s was outlined,  and the House of Commons Business and Trade Committee outlined the need for cybersecurity to form part of an economic security safeguard for businesses. The Government further announced cyber counter-measures against Chinese espionage. 

Business & Industry

Major UK altnet data breach highlights supply chain risk

Alternative broadband provider Brsk, which recently merged with Netomnia, reported a major DDoS customer data breach that reportedly exposed around 230,000 customer records for sale on a hacking forum. The compromised database included names, email addresses, physical addresses, phone numbers, installation and booking details, internal IDs, location data and indicators of vulnerable customer status, although Brsk stated that no financial information, passwords or login credentials were affected.

Cyber attack on London councils triggers emergency response

Westminster City Council and the Royal Borough of Kensington and Chelsea activated emergency and business continuity plans following a cyber attack that disrupted shared IT systems and phone lines. Working with cyber specialists and the National Cyber Security Centre, both councils focused on maintaining critical services and support for vulnerable residents while systems were taken offline and restored.

The Information Commissioner’s Office was notified and investigations into the source, scale and any potential data compromise are ongoing. Other London boroughs, including Hammersmith and Fulham, were also believed to have been affected and were advised to warn staff about phishing risks, including suspicious emails and unexpected links, as services were not expected to be fully restored until later in the week.

KawaiiGPT shows how free AI tools are lowering the barrier to cybercrime

The growing use of KawaiiGPT has been outlined as aiding in lowering the barrier to commit cybercrime. KawaiiGPT, a free, open source “black hat” large language model that has been available since July 2025 and is now at version 2.5. Unlike paid tools such as WormGPT, KawaiiGPT could be installed from GitHub in minutes and used via a simple command line interface to generate convincing phishing emails, ransomware notes and working attack scripts, enabling even low skilled individuals, referred to informally as “script kiddies”, to launch sophisticated campaigns. With hundreds of users coordinating via Telegram, the tool illustrated how freely available offensive AI was compressing attack cycles and eroding traditional warning signs such as poor grammar, reinforcing the need for AI aware email filtering, anomaly detection and broader defensive controls.

Cyberattack exposes customer data of major financial institutions 

Real estate finance and tech vendor SitusAMC disclosed a cyber attack that may have exposed customer data from several leading US banks, including JPMorgan, Morgan Stanley and Citi, as well as other top‑tier institutions. The firm, which processes mortgage payments and manages real estate loan data for many of the top 20 US banks, reported that corporate accounting records, legal agreements and some client customer details were accessed, although no encrypting malware was involved. The incident currently remains under FBI investigation.

Events

Members should keep their eyes peeled as we will be launching our 2026 events and activity in the coming weeks.

Partner Events

Sign up for the CCUK Fraud Summit 2026

We are excited to announce the return of our highly anticipated Fraud Summit 2026, bringing together the industry’s most authoritative voices. CCUK is currently looking sponsors for the event, and has a range of sponsorship packages. 

Join CCUK on Wednesday 15th April 2026 at One Birdcage Walk in London for our second annual summit. We’ve built on the success of last year to create an even more powerful, insightful agenda focused on actionable intelligence and collaborative solutions.

This is your opportunity to gain unparalleled access to the decision-makers and experts who are shaping the UK’s response to security threats.

This year’s programme will feature an elite lineup of speakers from every critical sector, ensuring you get a 360-degree view of the fraud landscape. Connect with industry peers and key stakeholders in a focused, professional setting.

CBN members get discounted tickets, secure yours here

Would you like to raise your company profile by being the event’s supporter? Check our sponsorship pack here and contact team@commscouncil.uk for more information. 

Please do contact team@commscouncil.uk for more information. 

About CBN

The Cybersecurity Business Network is a coalition of leading UK-based organisations committed to strengthening the nation’s cyber resilience, fostering innovation and supporting economic growth. Through collaboration and knowledge sharing, we empower our members to drive growth and set standards for excellence across the UK cyber sector.

As a member-led network, our ambition is to serve as the unified voice of the UK cyber industry, championing its interests, amplifying its potential, advocating for greater engagement and support from government, media, and the wider business community.

Membership to CBN is free for all cybersecurity organisations. If you are interested to hear more about CBN or want to become a member, then please reach out to secretariat@cb-network.org for more info.

Security minister Dan Jarvis doubles-down on government vision for UK’s cyber resilience and security at Parliament & Cyber conference

London, UK – 25th November 2025: The future plans surrounding UK cybersecurity resilience took centre stage yesterday at the inaugural Parliament & Cyber Conference 2025, hosted by the Cybersecurity Business Network (CBN), a UK coalition of cybersecurity organisations. This conference comes at a critical time as the risk landscape is worsening across the UK and just days after the announcement of the Cyber Security and Resilience (CSR) Bill that will bring data centres and Managed Service Providers into the scope of existing cyber regulations.

Keynote speaker and Security Minister, Home Office & Cabinet Office, Dan Jarvis MP, set the tone for the day by highlighting the government’s all-of-society approach to strengthening our national cyber resilience:

“Parliament and tech are now becoming inseparable. The pace of change is only accelerating and the speed in which new technology is introduced and adopted is becoming shorter and shorter.

“Technology enhances everything we do. It keeps our democracy transparent, it keeps our businesses successful, it keeps people connected and safe. 

“But this interconnection between technology and society can be exploited by those who seek to cause us harm. 

“Many of you in this room lead by example. I hope that, through Government support and their own initiative, that the rest of our business leaders follow in your footsteps.”

The conference hosted by Matt Warman, Chair of CBN and former UK Minister for Digital and Broadband brought together over 150 leaders from government, industry, and academia and some insightful panel discussions. The speakers include Jonathon Ellison OBE, Director of National Resilience for the National Cyber Security Centre (NCSC); Shona Lester, Head of the Cyber Security and Resilience Bill Team at DSIT; Daniel Aldridge MP, Chair of the APPG for Cyber Innovation; Alison Griffiths MP, Chris Francis, Director Government Relations at SAP, Zeki Turedi, Field CTO, Europe at Crowdstrike amongst others.

The panel discussion on the CSR Bill highlighted that there is no single solution for cyber resilience. Instead, panellists stressed that building maturity and a multi-layered approach across organisations is essential to reducing risk at scale. Outdated practices among many businesses, such as neglecting software updates, are no longer acceptable, underscoring the need for clear, harmonised legislation to push organisations to a place of protection. 

“The Cyber Security and Resilience Bill is an important step in fortifying the UK’s cyber defences in today’s evolving and complex cyber landscape. However, it’s crucial to work closely with industry, academia, and the public sector to ensure organisations build the agility and resilience they need to withstand and recover from attacks” explained the Director for Cyber Security and Digital Identity at DSIT.

“The Cyber Security and Resilience Bill’s stricter incident reporting requirements, now set at 24 hours, and the broadening of reportable incidents, are positive steps towards public transparency. However, it will be vital to consult widely with industry, especially around definitions and future regulatory direction” said Matt Warman, Chair of CBN. 

As quantum and AI threats emerge, the second panel discussion emphasised the urgent need to improve cyber awareness and education at every level. Many individuals and businesses remain unprepared for these evolving risks, and current initiatives are falling behind. Increasing investment in cyber education and skills, ensuring everyone understands their role in resilience, should be a top priority for both government and industry, to keep the UK at the forefront of global security.”CBN is committed to championing the vital role of the UK’s cyber sector by providing an important conduit for the industry to collaborate with policymakers to strengthen economic growth, innovation and public trust in this flourishing sector. Today’s conference showcased the power of bringing together expertise from across the ecosystem. As we look to 2026 and beyond, the UK must stay ahead of the curve, ensuring our policy, investment, and innovation strategies keep pace with the evolving threat landscape.” Matt added.

CBN Newsletter | August 2025

Our monthly update to bring you the relevant, high-level policy and business news from across the cyber sector. 

This month, we take a look at the Government’s overview of submissions to the Ransomware Consultation, Government Resilience Action Plan, and a raft of other public and private sector announcements.

If you have any questions about the content, or believe we should add to our coverage, please do not hesitate to get in touch. 

never miss a thing

Sign Up to Hear about News and events

Sign up

Headlines

Consultation response: Ransomware

Following on from the consultation in the Spring, Ransomware: proposals to increase incident reporting and reduce payments to criminals, the Home Office has published an overview of submissions and its response. 

Overall, the feedback on the proposals was “positive and constructive”, and the Government intends to move forward with all three of its proposals, bringing in legislation around this.  

The Government has promised to publish “detailed guidance” before new reporting obligations come into force, as concerns from the NCA and other groups remain that these proposals may not have the deterrent effect the Government is hoping for. A representative from RUSI noted that the ransomware ban might not have the desired effect of deterring criminals from attacking UK CNI, and in fact make it harder for businesses to recover; he also called for more resources for the NCSC and NCA to cope with the increase in reporting.  

In addition, the Home Office is also reviewing the Computer Misuse Act (1990) and an update to this may be introduced alongside ransomware legislation. 

Research conducted by Commvault has found that 75% of UK business leaders would risk criminal charges and break a ransomware payment ban if it applied to the private sector. The study, which surveyed leaders from companies valued at over £100 million, interestingly also revealed that 96% believe such payments should be banned across both the public and private sectors.

Government Resilience Action Plan

The Cabinet Office has published its new “Government Resilience Action Plan”, outlining a strategic approach to enhancing the nation’s preparedness against various complex risks, including pandemics, cyber-attacks, climate change, and geopolitical instability.

The plan revolves around three main objectives: firstly, to continuously assess risks and resilience through improved data-sharing and science-based analysis; secondly, to promote whole-of-society engagement by providing communities, businesses, and critical infrastructure with enhanced tools and training; and thirdly, to fortify public sector systems through clearer roles, stronger local leadership, and independent oversight.

The plan mentions a commitment to build a new Cyber Resilience Index (CRI) to provide a cross-sector, holistic overview of cyber resilience for UK CNI to target resilience building efforts, as well as the Home Office’s work to progress their ransomware proposals and the upcoming Cyber Security and Resilience Bill (no specific date given). 

If you would like to get involved in our work or have questions, please contact us at secretariat@cb-network.org.

Insights

CBN Supports New Roadmap for UK Cyber Workforce Development

A new whitepaper from the East Midlands Cyber Security Cluster, supported by the All-Party Parliamentary Group (APPG) for Cyber Innovation, sets out a roadmap to address the UK’s ongoing cyber workforce challenges. The Cybersecurity Business Network (CBN), as Secretariat to the APPG, supported the drafting and publication of this report, including the foreword and recommendations to Government.

Authored by Dr Ismini Vasileiou , the report explains the need for a UK-wide cyber skills taxonomy. It highlights that the current landscape is fragmented, with too many frameworks, inconsistent job descriptions, and a persistent gap between what education provides and what industry needs.The report explains the need for a UK-wide cyber skills taxonomy. It highlights that the current landscape is fragmented, with too many frameworks, inconsistent job descriptions, and a persistent gap between what education provides and what industry needs.

Some of the main recommendations are: a DSIT-led taskforce to create a national taxonomy for cyber skills; a national body to manage this taxonomy; steps to encourage employer adoption of skills-based recruitment; better alignment between education and real-world cyber jobs; and national support for regional cyber skills programmes.

For cyber businesses, this unified approach would make hiring and developing talent clearer and more consistent. It would also help inform training and qualifications, improve diversity in the sector, and ensure the workforce can keep pace with new threats, especially as technology changes.

CBN looks forward to working further with the East Midlands Cluster and the APPG for Cyber Innovation to take this work forward in the autumn. We encourage our members to get involved with this effort as we look to help shape the future of the UK cyber workforce.

Policy and Political

Update on M&S and Co-Op cyber attacks 

The House of Commons Committee on Business and Trade’s Sub-Committee on Economic Security, Arms and Export Controls heard a series of evidence sessions, which looked at the UK’s wider economic security, with particular lines of questioning revolving around the recent attacks. 

In the first session, representatives from the Blavatnik School of Government highlighted that evolving cyber threats now include the risk of large-scale disruption to critical services. NCC Group emphasised the increasing risk from the convergence of state and criminal cyber actors and underlined the value of strong public-private partnerships, and RUSI suggested that mandatory cyber incident reporting and improvements in cyber insurance would strengthen national cyber resilience.

The second session, with senior representatives from the NCA, City of London Police, and the NCSC, focused on the UK’s ability to respond to growing cyber threats and the challenges faced by both public and private sectors. Representatives also underlined the increasing complexity and scale of cyber threats, and stressed the need for improved basic cyber hygiene, collaborative incident response, and stronger international cooperation to keep pace with a rapidly evolving threat landscape.

Finally, in response to the recent cyber attacks faced by their companies, the representatives from Marks & Spencers (M&S) emphasised the importance of a rapid counter-response, board-level focus and improved Government coordination, as well as investment in IT and cybersecurity modernisation.Representatives from Co-Op also argued that layered cyber defences, crisis planning and industry-wide collaboration on cyber resilience were valuable assets to limit the impact of cyber attacks and prevent ransomware deployment.

Government ministers responded to the committee inquiry largely in agreement, with a strong consensus that coordinated action across departments, robust risk assessment, and close collaboration with business, especially in supporting SMEs and critical sectors was necessary whilst acknowledging that public-private partnership and whole-of-society engagement must evolve to meet rapidly changing threats.

The NCA said two 19-year-old men, a 17-year-old boy and a 20-year-old woman had been apprehended in connection with the attacks, on suspicion of breaching the Computer Misuse Act, blackmail, money laundering and joining the activities of organised crime. 

Defence Committee publish report on “grey zone” threats 

The Defence Committee has published its latest report, “Defence in the Grey Zone”, which examines how the UK is dealing with threats that fall below the level of armed conflict. These threats include sabotage, espionage, cyber-attacks and disinformation.

The report highlights a sharp rise in cyber-attacks targeting the UK, particularly from hostile states such as Russia. The Ministry of Defence (MOD) and the National Cyber Security Centre (NCSC) have seen significant increases in the number and sophistication of attacks.

A key concern is the vulnerability of critical national infrastructure (CNI), such as undersea data cables and energy pipelines. The report notes that disruption to these systems could have a major impact on the UK’s economy and society.

The Committee found that many cyber threats exploit the weakest links in the digital supply chain. This includes public and private organisations that support defence, such as contractors and service providers; a recent example is a breach involving armed forces payroll data held by a contractor. The report also stressed  the need for a “whole of society” approach to resilience. It encourages the MOD to work with other Government departments, alongside industry, education institutions and communities to raise awareness of cyber threats and improve preparedness.

Key recommendations

CBN members who  would like to discuss the findings further are encouraged to contact secretariat@cb-network.org.

NCSC updates

Parliamentary questions

This month, members raised questions around data breaches of legal aid providers, civil contingency planning around CNI cyber attacks in Northern Ireland, maintaining common cyber standards with international partners. Members of the House of Lords raised questions on state-backed cyber attacks, the vulnerability of Government digital systems against cyber, and a question on the Afghanistan data loss incident.

Business & Industry

BBC Panorama report highlights the rising threat of ransomware attacks 

A recent BBC Panorama documentary explores how ransomware attacks continue to pose a significant threat to UK businesses, with incidents leading to severe operational disruption and, in some cases, business closure. 

The NCSC and NCA report a rising frequency and sophistication of such attacks, driven by both organised crime and individuals employing social engineering techniques. The current absence of mandatory reporting means the real extent of the issue may be underrepresented, and officials emphasise the growing national security risk posed by ransomware, noting the need for improved baseline cyber hygiene, organisational resilience, and consideration of further regulatory measures.

Cybersecurity professionals under increasing pressure from complex risks

A recent Bitsight report finds that UK cybersecurity leaders are under increasing pressure from complex risks, higher board expectations, and new compliance demands. While UK organisations are more likely than their global peers to monitor third-party cyber risks, few are able to turn this data into practical intelligence that informs decision-making or board discussions. 

Only a minority of firms have mature, well-aligned cyber risk management programmes, and compliance remains a low priority even as new rules come into force. Burnout amongst UK cybersecurity professionals remains high, with 59% of professionals reporting stress or exhaustion, and more than half of firms struggle to communicate cyber risks in terms the board understands. The report highlights a growing gap between monitoring activity and the ability to use that information to strengthen resilience and meet business goals.

Greater appetite amongst reinsurers to explore cyber-based diversification strategies 

Despite a recent series of international cyber-attacks targeting retail, the European cyber insurance market has maintained lower premiums, broad availability of cover, and more favourable terms for buyers. According to industry commentary, these incidents have not resulted in claim volumes or losses large enough to prompt a shift towards a harder market, and a significant systemic event would be needed to change current market conditions.

Softer market conditions in both primary insurance and reinsurance are prompting more reinsurers in 2025 to explore diversification strategies, with a particular focus on emerging risks such as cyber. The cyber insurance market is being identified as a key growth area as traditional lines see supply beginning to outpace demand. The evolving nature of cyber risk, limited historical loss data, and ongoing uncertainty over risk accumulation present a complex landscape for reinsurers. 

Events

Invitation: West Yorkshire ICB Distinguished Lecture Series

CBN members are invited to take part in the new West Yorkshire Integrated Care Board Distinguished Lecture Series. 

This programme, delivered in partnership with the West Yorkshire Innovation Hub, will run over the next year and feature expert speakers from the UK and abroad. Topics will include digital health, data-driven innovation, and technology in care.

Why attend?

Who can join?
The series is open to all staff across West Yorkshire’s health and care system, including digital and non-digital professionals, provider organisations, the VCSE sector, social care staff, and universities.

Register for the first session:
Click here to book your place

Feel free to share this invitation with colleagues. We hope you can join and benefit from these insightful events.

Invitation: Parliament & Cyber Conference 2025 – Sponsorship and Registration Now Open

CBN is hosting the inaugural Parliament & Cyber Conference on 24th November 2025 in the Houses of Parliament, Westminster. 

This event will bring together senior executives, parliamentarians, policymakers, and sector leaders to collaborate on the future of cyber resilience, innovation, and growth in the UK.

Why Attend?

Sponsorship Opportunities
Sponsoring the Parliament & Cyber Conference places your organisation at the centre of vital cyber policy conversations. Sponsors benefit from:

Registration – priority for full members
Due to limited capacity, registration is open to all but will prioritise full CBN members and event sponsors. To secure your place, please register your interest using the link provided. Multiple attendees from your organisation may be registered, but all emails are required.

Non-members and associate members are welcome to register but will be placed on a waiting list. To ensure your spot, consider upgrading to full membership or becoming an event sponsor.

Register your interest now to take part in the UK’s premier cyber security conference and help shape the future of national resilience.

For registration and sponsorship enquiries, please contact: Krystian@cb-network.org

About CBN

The Cybersecurity Business Network is a coalition of leading UK-based organisations committed to strengthening the nation’s cyber resilience, fostering innovation and supporting economic growth. Through collaboration and knowledge sharing, we empower our members to drive growth and set standards for excellence across the UK cyber sector.

As a member-led network, our ambition is to serve as the unified voice of the UK cyber industry, championing its interests, amplifying its potential, advocating for greater engagement and support from government, media, and the wider business community.

Membership to CBN is free for all cybersecurity organisations. If you are interested to hear more about CBN or want to become a member, then please reach out to secretariat@cb-network.org for more info.

CBN Newsletter | July 2025

Our monthly update to bring you the relevant, high-level policy and business news from across the cyber sector. 

This month, we take a look at the Government’s new Industrial Strategy, Cyber Growth Action Plan, and a raft of other public and private sector announcements.

If you have any questions about the content, or believe we should add to our coverage, please do not hesitate to get in touch. 

never miss a thing

Sign Up to Hear about News and events

Sign up

Headlines

Government published Modern Industrial Strategy 

Last month, the Department for Business and Trade (DBT) unveiled its long-awaited Modern Industrial Strategy, a ten-year long plan to increase economic growth and foreign direct investment in the UK, which focuses on eight growth-driving sectors.. 

The strategy has a strong focus on cybersecurity, with Chapter 3.3 of the Digital and Technology Plan dedicated solely to cyber. Viewed as a driver of growth and security, the plan states that the Government will aim to attract investors and support innovation across cyber skills, R&D, infrastructure, regulation and international partnerships; this is also supported by the billions in extra funding awarded to the Department for Science, Innovation and Technology (DSIT) in the recent Spending Review. 

Key commitments include:

Separately, the  Government has also recently published the 10-Year Infrastructure Strategy, which pledged at least £725 billion in public funding over the next decade to update the UK’s economic and social infrastructure. 

Further, they also released the National Security Strategy (NSS); in recognising our reliance on digital infrastructure could increase vulnerabilities to cyber attacks, the strategy outlined the Government’s commitments to improving national security – most notably, it announced that a dedicated National Cyber Strategy will be published later this year to outline the Government’s approach to cybersecurity resilience, alongside a further Resilience Strategy targeting a broader range of risks and the upcoming Cyber Security and Resilience Bill, expected later this year. 

If you have any questions regarding the Government’s work in this area, please contact us at secretariat@cb-network.org. 

Cyber Growth Action Plan 2025

The government published the terms of reference for a new Cyber Growth Plan, which will identify possibilities for growth in the UK’s cyber sector. Led by Bristol University and Imperial College London, the recommendations are expected to be published “later this summer”. 

Specifically, the review will cover the supply and demand of cyber goods and services, such as protective monitoring and encryption, identifying potential areas to capitalise on as well as explore the possibilities associated with AI and quantum. The Plan will feed into the forthcoming National Cyber Strategy.


 

Insights

Why Cybersecurity Needs Storytellers

How comms can combat misinformation and build trust

Liva Emmatty, our Communications Lead here at CBN, writes about how cybersecurity is as much about people and trust as it is about technology. With social media now the main news source for over half the global population, the spread of misinformation can leave organisations exposed to confusion and reputational harm.

Communications professionals in cybersecurity have a crucial role in busting common myths, simplifying technical concepts through relatable storytelling, and engaging with policymakers to ensure cyber policy reflects real-world challenges, and can help organisations prepare for crises by monitoring misinformation and responding quickly and clearly.

Interested in learning more about how you can benefit from communications support? Reach out to the CBN secretariat at secretariat@cb-network.org

News Updates

Political and policy updates

UK and Canada commit to cybersecurity cooperation

The UK and Canada have agreed to increase collaboration on cybersecurity as part of their broader partnership. This includes joint efforts to counter malicious cyber activity, information manipulation, and digital transnational repression. 

The countries are launching the Joint Canada-UK Common Good Cyber Fund, with $5.7 million (£ ) in initial funding, to support civil society organizations at high risk from digital threats. Both countries will also work together to develop secure communications products, advance cryptography, and start new research partnerships to address gaps in AI security and improve AI models for national security purposes.

Ministerial comment on cyber and undersea cable threats

The Parliamentary Under-Secretary of State for Defence, Luke Pollard, said during a National Security Strategy Committee inquiry session that the Submarine Telegraph Act 1885, which imposes fines of up to £1,000 for cable sabotage, is somewhat “out of step” with modern-day risk, and the government may look to update the legislation in coming years. 

Telecommunications Minister Chris Bryant explained that while current laws are functional for peacetime, there is a gap in how the UK addresses “grey zone threats”. He explained that the government is looking at creating a defence readiness bill in future, as noted in the recent Strategic Defence Review. 

Threats to undersea cables pose a significant risk to the UK cyber industry by jeopardising the secure and reliable flow of data that underpins its operations and services. This session was part of a larger inquiry into the security of the UK’s undersea cables, which is set to be published later this year. 

Parliamentary report on Iranian cyber threats

report from Parliament’s Joint Intelligence and Security Committee has warned that Iran poses a significant and persistent cyber threat to the UK, on a par with those from Russia and China. 

The report, which is based on classified intelligence and expert interviews, highlighted the damage caused by Iranian cyber attacks targeting UK companies, as well as ongoing efforts by the Islamic Revolutionary Guard Corps (IRGC) to conduct hostile operations within the UK. It also outlines the various measures the UK has taken to respond, including “offensive cyber” and to address “cyber espionage”. 

Parliamentary questions

This month, members raised questions around ensuring the resilience of 6G infrastructure against cyber threats, the investigation into recent cyber attacks on Marks and Spencers and the support of high street retailers (also here) against these attacks. A member also asked about the safeguarding of air traffic control from cyber threats. Finally a member from the House of Lords raised a question on public cybersecurity vacancies and contracting. 

NCSC updates

Business Updates

Cyber security investment drives growth but threat landscape intensifies

UK businesses are generating an estimated £27bn in additional annual revenue from investing in cyber security, according to research by ESET, a global cyber security provider. The data shows that 53% of UK firms report increased turnover linked to cyber investment, with 70% of those attributing growth to winning new business due to strong cyber credentials. 

44% of firms reported that robust cyber security has enabled them to take more risks, such as entering new markets or adopting new technologies. However, the retail and public sectors remain frequent targets. ESET also found that 53% of UK firms have suffered at least one cyber attack, and that cyber crime has cost UK businesses £63bn in the past three years. 

It was further reported that 77% of firms plan to increase their cyber security budgets as they increasingly see digital resilience as a commercial asset rather than just risk mitigation. Despite this, only 12% fully outsource their cyber operations, and 69% have experienced ransomware breaches.

Four arrested over cyber-attacks on M&S, Co-op and Harrods

The National Crime Agency (NCA) said two 19-year-old men, a 17-year-old boy and a 20-year-old woman had been apprehended on suspicion of breaching the Computer Misuse Act, blackmail, money laundering and joining the activities of organised crime.

About CBN

The Cybersecurity Business Network is a coalition of leading UK-based organisations committed to strengthening the nation’s cyber resilience, fostering innovation and supporting economic growth. Through collaboration and knowledge sharing, we empower our members to drive growth and set standards for excellence across the UK cyber sector.

As a member-led network, our ambition is to serve as the unified voice of the UK cyber industry, championing its interests, amplifying its potential, advocating for greater engagement and support from government, media, and the wider business community.

Membership to CBN is free for all cybersecurity organisations. If you are interested to hear more about CBN or want to become a member, then please reach out to secretariat@cb-network.org for more info.

Founded by Clarity

Global digital marketing and communications agency, providing fearless marketing and consultancy to the world’s most progressive companies.

We match data-driven science with human ingenuity to expand our full-funnel, specialist services and expertise. Our vision is to accelerate positive change and impact across the world. A firm believer of cybersecurity as an enabler of growth and resilience, we are proud to driving its prosperous impact forward. Get in touch with secretariat@cb-network.org to understand more on how Clarity can enhance reputation, create impact, and drive growth in your organisations.


Former Minister for Digital and Broadband Matt Warman announced as Chair of Cybersecurity Business Network

This appointment signifies ambitious growth, impact and value of the network as it seeks to create a platform for collaboration across UK cyber

This appointment signifies ambitious growth, impact and value of the network as it seeks to create a platform for collaboration across UK cyber

The Cybersecurity Business Network (CBN), is delighted to announce the appointment of former UK Minister for Digital and Broadband, Matt Warman, as Chair of the CBN. Matt’s appointment comes at a critical time for the UK’s cybersecurity sector, as recent high-profile cyberattacks across sectors have underscored the urgent need for enhanced industry collaboration, resilience and the right regulatory approach.

As Chair, Matt will spearhead the continued growth of the network, engaging various stakeholders from the private and public sectors, and championing the UK cyber sector as CBN aims to become a single unifying voice for UK based cyber organisations.

I am delighted to be joining the Cybersecurity Business Network as Chair. The UK’s dynamic and innovative cybersecurity industry is in need of a strong voice as it becomes an increasingly important sector both for economic growth and strengthening resilience…

As we have seen in recent months, malicious cyber attacks and geopolitical threats have presented UK businesses and consumers with a clear warning about how destructive cyber attacks can be, and we need to stay ahead of the curve. CBN is leading the industry collaboration by linking government, industry, and the media to strengthen defences and promote growth.

Matt Warman, Chair of CBN and Former Minster for Digital & Broadband

During his tenure as Minister for Digital, Matt developed the Government Cyber Security Strategy alongside the NCSC to improve cyber resilience in the public sector. He stimulated growth of the UK’s cyber sector with a 21% increase in start-up and scale up UK organisations, created an environment that enabled approx £2.6 billion of public and private investment to strengthen resilience and lay the foundation for the UK to become a leading global cyber innovator. Prior to government, Matt was a renowned technology journalist and worked as the Technology Editor for the Daily Telegraph.

Since the start of 2025, CBN has grown its presence in the UK cybersecurity landscape by expanding its membership and strengthening its partnerships. A key milestone was helping to establish the All Party Parliamentary Group (APPG) for Cyber Innovation (CBN runs the Secretariat) alongside parliamentarians, including Dan Aldridge MP, which has enabled a forum for MPs to connect with industry on cybersecurity’s most critical challenges. This announcement comes on the back of the latest report by the APPG for Cyber Innovation which explored and provided feedback on the development of the UK’s first ever dedicated Cyber Security and Resilience (CSR) Bill expected later this year.

“We’re very pleased to welcome Matt as our new Chair. His leadership comes at a crucial time for our organisation as we continue to grow and work to ensure the cybersecurity sector is properly represented. The recent high-profile cyber-attacks are a stark reminder of the need for a strong and unified cybersecurity industry – not only for protecting people and businesses, but also for supporting the UK’s economy and overall resilience. With Matt at the helm, we’re looking forward to championing the sector’s value, driving innovation, and helping to secure both economic growth and public confidence.

Nick Lansman, Founder of CBN

In addition to acting as a spokesman for CBN, he will also play a central role at the network’s events, chairing and supporting members as CBN looks to bring together industry, politics and media to drive collaborative and productive outcomes.

“As Chair, I will look to build on the initial success of the network, helping its growth, unifying our member community and championing our cyber security sector, enabling greater growth and public confidence. As part of this, I am most looking forward to hosting our inaugural Parliament & Cyber Conference in November, which will be a landmark event for the sector and Government as we collaborate on the path to growth and resilience.”

Matt Warman, Chair of CBN

Discover new opportunities by becoming a member of CBN today!

Through proactive engagement, deep collaboration, and expert consultation, we convene leaders from across the cybersecurity industry.

Join us

Media contacts:

For any media queries, please contact secretariat@cb-network.org

APPG for Cyber Innovation publishes feedback on the CSR Bill

The Cyber Innovation APPG publishes feedback on the upcoming Cyber Security & Resilience Bill. In this document, the All-Party Group provides an initial view on the upcoming Cyber Security and Resilience (CSR) Bill. It has been informed through a survey with 89 respondents from across the cyber sector and beyond, as well as input from a parliamentary roundtable discussion held under the Chatham House rule that brought together 17 representatives from Managed Service Providers (MSPs), cyber companies, academics and other organisations. 

This document is aimed at supporting the development of the CSR Bill, and the Cyber Innovation APPG would be happy to facilitate further engagement between the Department for Science, Innovation and Technology (DSIT), Parliament, and the wider sector. The Bill provides a unique opportunity to improve cyber security and resilience in the UK.

The report collated the feedback from the APPG’s initial call for input and made clear some clear asks – notably the need for the Bill to widen its scope. As the first Act of Parliament to include “cyber” in the title, representing a fundamental step forward in how the UK approaches digital security. However, there is concern that this historic opportunity is too narrowly focused on compliance and prevention and not sufficiently ambitious in tackling some of the wider challenges that the UK faces.

This bill is a historic opportunity to strengthen the UK’s cyber resilience, but we risk falling short if we don’t listen to those on the frontline.

“We’re calling on DSIT to open up the conversation, coordinate across government, to provide a timeline and process for tackling the urgent issues that are deemed out of scope. By future-proofing regulations and giving parliament a clear role in oversight, we can make sure the UK remains secure and competitive in a rapidly changing digital world.”

Dan Aldridge MP, Chair of the APPG for Cyber Innovation
READ THE FULL REPORT HERE

Become a Full Member of the Cybersecurity Business Network

Connect. Collaborate. Shape the Future of Cybersecurity in the UK.

We’re excited to share that CBN’s refreshed Membership Programme is now live – and we’ve already welcomed several new companies into the network.

Our Full Membership offer is open to all UK-based organisations with a vested interest in cybersecurity and provides access to a growing community of like-minded businesses working to promote innovation, share insights, and shape the future of cyber in the UK.

For all those that have previously signed up to our network, we would ask you to fill out the registration form on our website via the link below to remain as full members of the association.

Full Membership
Fee: £750 + VAT per annum

Membership includes:


We’re looking forward to bringing more organisations into the community and continuing to support the growth of the UK’s cyber ecosystem.

For any queries, please contact: secretariat@cb-network.org