Newsletter Archives - Cybersecurity Business Network

CBN Newsletter | March 2026

Our monthly update bringing you the relevant, high-level policy and business news from across the cyber sector.

This month, we examine the heightened threat against UK businesses following the outbreak of conflict in Iran, as well as reviewing the government’s new ‘lock the door’ strategy, and analysing the market impact of new AI cybersecurity tools.

If you have any questions about the content, or believe we should add to our coverage, please do not hesitate to get in touch.

never miss a thing

Sign up for news and upcoming events

Headlines

NCSC warns UK organisations over heightened Iranian cyber threat

The National Cyber Security Centre (NCSC) has issued a warning to UK businesses, urging them to prepare for heightened risk from Iranian cyber attacks following Britain’s defensive support for US-Israeli military action against Iran.

The NCSC has urged all UK organisations, particularly those with assets, operations or supply chains in the Middle East, to urgently review and strengthen their cyber defences. While Iran is currently experiencing internet outages as part of their wider communications blackout, the NCSC says state-sponsored hacking groups retain the capability to conduct cyber operations against the UK.

Iran’s Islamic Revolutionary Guard Corps (IRGC) has long used both state-backed hackers and aligned ‘hacktivist’ groups to target Western interests, including attempts to disrupt or deface websites linked to US and Israeli businesses, and to run online influence and misinformation campaigns – such as an Iranian-backed campaign around Scottish independence, as reported by The Telegraph earlier this year.

This is against the backdrop of a larger history of cyber operations in the conflict between the US, Israel and Iran, including the infamous ‘Stuxnet’ virus that targeted Iranian nuclear centrifuges at the Natanz nuclear enrichment facility, which was uncovered in early 2010.

The NCSC is calling on UK companies, especially those with a significant presence in Gulf hubs such as Dubai and Abu Dhabi, to remain on high alert and act now to improve their cyber resilience.

New government campaign urges SMEs to ‘lock the door’ on cyber criminals

The UK government has launched a new cyber security campaign aimed at helping small and medium-sized businesses protect themselves from common online threats, amid rising costs to the economy estimated at £14.7 billion a year.

Half of UK small firms have reported suffering a cyber breach or attack in the past 12 months, with significant incidents costing an average of £195,000, according to the government’s 2025 Cyber Breaches Survey.

The campaign, led by the Department for Science, Innovation and Technology (DSIT) and the National Cyber Security Centre (NCSC), promotes the Cyber Essentials scheme, a government-backed standard that helps organisations put basic protections in place.

Cyber Essentials focuses on five key controls: firewalls, secure configuration, software updates, user access control and malware protection. According to government statistics, organisations compliant to Cyber Essentials made 92% fewer cyber insurance claims last year.

Targeted particularly at SMEs, the campaign will run across social media, podcasts, radio and business networks, directing firms to practical, free tools including the Cyber Essentials Readiness Tool, free 30‑minute consultations with NCSC‑assured advisors, and access to the Cyber Essentials question set.

Government and NCSC leaders stressed that cyber risk is now a core business risk, urging companies of all sizes to adopt baseline protections to safeguard jobs, growth and critical services.

Cyber Security and Resilience Bill completes committee stage

On the 3rd March, the committee stage of the Cyber Security and Resilience Bill concluded, following weeks of debate and industry evidence, including the evidence submitted by CBN to the Bill Committee.

The committee stage hearings on the Cyber Security and Resilience Bill brought together regulators, public bodies, industry and academia to scrutinise the government’s flagship cyber legislation to significantly expand and update the existing Network and Information Systems (NIS) framework.

While there is broad agreement that the Bill is a positive step towards strengthening resilience in vulnerable sectors, witnesses raised concerns about scope, legal clarity and the potential burden on smaller firms.

Throughout the committee stage, industry voices called for clearer definitions and legal certainty throughout the Bill as it sought to expand the scope of NIS to cover data centres, large load controllers and managed service providers, and introduced a new five-step test to designate ‘critical suppliers’.

Critics warned that heavy reliance on secondary legislation to define thresholds risks creating an ambiguous and costly compliance environment, particularly for SMEs, as well as pressing for more impact-based thresholds, and highlighted the need for a single, consolidated incident reporting portal.

You can find CBN’s summary of insights from the Committee Stage in the following article.

While the committee stage has concluded with few amendments adopted to calm industry concerns, greater scrutiny and examination of the Bill is expected as it progresses to Report Stage in the House of Commons, before being sent to the Lords’ to undergo further debate.
The date of the Bill’s Report Stage has yet to be announced. If you have any questions about the Cyber Security and Resilience Bill, feel free to get in touch at secretariat@cb-network.org.

Policy & Political

UK steps up action against foreign interference in universities and politics

The UK government has announced new measures to strengthen protections against hostile state interference aimed at universities and the political system.

Senior leaders from more than 70 universities attended a high-level security briefing led by MI5 Director General Sir Ken McCallum and NCSC CEO Richard Horne, focused on how foreign states seek to shape or censor research and teaching – and how institutions can resist and report such activity. A separate briefing was also held for officials from all UK political parties.

Backed by £3 million in new funding, the new measures introduce the ‘Academic Interference Reporting Route’, offering senior university staff a direct channel to raise concerns with government and the security services, plus a planned proactive advisory service, updated guidance, and training to help staff and students understand and respond to threats.

Security Minister Dan Jarvis reinforced the importance of tough action on foreign interference, stating that the UK must be “clear-eyed that our world-class universities and democratic processes are being targeted by states who want to undermine our way of life”.

In addition to the new measures, The Department for Education will also consult the wider sector on the design of a new proactive advisory service, alongside further guidance and training.

Northern Ireland Secretary visits Queens University Belfast’s Centre for Secure Information Technologies

On the 24th February, Secretary of State for Northern Ireland Matthew Patrick visited Queen’s University Belfast’s Centre for Secure Information Technologies (CSIT) and the Cyber-AI Hub to see how its research is advancing cyber security in areas such as secure hardware, critical national infrastructure protection and trustworthy AI.

Professor Paul Miller led the Secretary of State tour of CSIT’s state-of-the-art facilities, showcasing collaborative R&D with NI-based cyber firms on AI-enabled security and securing AI itself. PhD researchers presented lightning talks on their projects, while engineers demonstrated in-house adversarial AI defence technologies.

The visit served to demonstrate the importance of the cyber industry to the regional economy, as the 2025 NI Cyber Security Sector Snapshot identified over 2,750 cyber security roles in Northern Ireland and an estimated £258 million contribution to the local economy. The report underscored the importance of CSIT’s Cyber-AI Hub in driving collaboration and innovation.

NCSC Updates

Alert: NCSC advises UK organisations to take action following conflict in the Middle East: NCSC has issued an alert advising UK-based organisations to review their current cybersecurity parameters following the outbreak of conflict in the Middle East. While there is no current significant change in the direct cyber threat from Iran to the UK, this assessment may be subject to change due to the fast-evolving nature of the conflict.
Improving your response to vulnerability management: Based on the methods from a research paper published by NCSC describing methods to assess ‘forgivable’ vs ‘unforgivable’ vulnerabilities, this blog post offers tips for vulnerability researchers, developers and UK organisations to increase the efficacy of their cyber vulnerability management.
Can you help the NCSC with the next phase of EASM research: Following the conclusion of the first phase of research into attack surface management (ASM), NCSC has announced the next phase of their research looking into external attack surface management (EASM), and is reaching out to the widest possible range of organisations that utilise currently EASM to get involved.
Exploitation of Cisco Catalyst SD-WAN: NCSC has issued a warning around malicious cyber threat actors that target Cisco’s Catalyst Software Defined Wide Area Networks (SD-WAN) used by organisations globally. NCSC has worked with it’s global partners to issue a Hunt Guide to assist in detection and threat hunting activities.

Business & Industry

New AI tools rattle cybersecurity stocks amid fears over disrupted business models

Cybersecurity stocks fell sharply in late February as investors reacted to the release of new AI-powered security tools that could challenge traditional cybersecurity offerings.

The market-wide sell-off followed Anthropic’s limited research preview of a new Claude-based security tool that can scan software code for vulnerabilities and suggest fixes, with further enterprise product announcements expected.

Major sector leaders including CrowdStrike and Zscaler dropped around 10%, Netskope and Tenable fell about 12%, while Okta, SailPoint, SentinelOne, Fortinet and Palo Alto Networks also lost ground.

Industry executives pushed back against the market’s reaction, arguing that AI code-scanning tools remain a cutting-edge innovation, but not a replacement for full-scale, ‘battle-tested’ security platforms. This comes as AI-powered security platforms continue to divide expert opinion

Government releases the results of fifth wave results from Cyber Security Longitudinal survey:

The government has released the fifth wave of results from its Longitudinal Survey on Cyber Security, showing that while incidents remain high, general cyber resilience measures do appear to be improving across industries and organisations.

The study tracked how UK organisation’s cyber practices, policies and investments are changing over time, combining survey data from 2021–2025 with in‑depth qualitative interviews.

The results show that incidents are still widespread: 82% of businesses and 77% of charities experienced a cyber incident in the latest wave, with over half of organisations (54%) reported a similar incident experience across both time points measured.

Adherence to NCSC’s Cyber Essentials program has risen significantly since the previous wave, with 30% of businesses now compliant (up from 23%) and 28% of charities (up from 19%). Organisations were also more likely over time to adhere to at least one recognised standard (Cyber Essentials, Cyber Essentials Plus or ISO 27001).

Supplier security remained an issue, with the data showing that medium-sized businesses and charities were less likely over time to formally assess cyber security of suppliers. UK organisations have been urged to assess the security of their critical suppliers as the threat of supply chain attacks continues to increase.

Events

Join CyberSummit 2026 – Turning Cyber Threats into Resilience and Growth

Senior leaders from across the UK cyber ecosystem will come together on Tuesday 23 June 2026 for CBN’s inaugural CyberSummit.

Held at Bird & Bird, 12 New Fetter Lane, London EC4A 1JP, this full‑day forum (10:00–17:00, followed by networking) will bring together 100+ senior figures including policymakers, government representatives, CISOs and C‑suite executives from critical sectors such as health, finance, energy, telecoms and insurance.

The summit will move beyond threat awareness to focus on tangible, layered resilience strategies, structured around four core themes:

Threats to UK Business & CNI: State-sponsored attacks, ransomware, and supply chain risk
Strengthening Organisational Resilience: Building adaptive, human‑centric security cultures
Innovation, Opportunity & Growth: Showcasing UK cyber excellence and routes to commercialisation
Advocacy & Policy: Ensuring industry has a strong voice in future UK cyber legislation

Open to CBN members, C‑suite leaders, technology heads and senior public sector representatives, CyberSummit 2026 is your chance to help shape a more resilient and prosperous digital future for the UK.

Please see more details about the CyberSummit here.

If you have any questions about CyberSummit or any upcoming events, feel free to get in touch at secretariat@cb-network.org.

About CBN

The Cybersecurity Business Network is a coalition of leading UK-based organisations committed to strengthening the nation’s cyber resilience, fostering innovation and supporting economic growth. Through collaboration and knowledge sharing, we empower our members to drive growth and set standards for excellence across the UK cyber sector.

As a member-led network, our ambition is to serve as the unified voice of the UK cyber industry, championing its interests, amplifying its potential, advocating for greater engagement and support from government, media, and the wider business community.

If you are interested to hear more about CBN or want to become a member, then please reach out to secretariat@cb-network.org for more info.

CBN Newsletter | February 2026

Our monthly update bringing you the relevant, high-level policy and business news from across the cyber sector.

This month, we analyse the first two hearings at committee stage for the Cyber Security and Resilience Bill, as well as taking a look at the WEF’s Global Cybersecurity Outlook, and examining some big announcements across the industry.

If you have any questions about the content, or believe we should add to our coverage, please do not hesitate to get in touch.

never miss a thing

Sign up for news and upcoming events

Headlines

Witnesses provide oral evidence for the Cyber Security and Resilience Bill at committee stage

The first two oral evidence sessions on the Cyber Security and Resilience Bill at committee stage, held on Tuesday 3 February, brought together witnesses from industry, regulators, public bodies and academia.

While they broadly welcomed the Bill’s aims, they also raised significant questions about its scope, its impact on supply chains, and the practicality of its incident reporting mechanisms. Witnesses further explored how the Bill could help foster a stronger cyber risk culture within organisations, and the role it might play in promoting cyber skills development and training.

Witnesses generally agreed that the Bill’s effectiveness would be improved by revisiting and adjusting its scope. Jen Ellis, Associate Fellow at RUSI argued that the Bill should move away from static sector lists towards size or impact‑based thresholds, such as FTSE 350 companies or widely used tech providers. There were also concerns raised by techUK and Nine23 around the Bill’s broad definition of a managed service provider (MSP), creating issues around clarity, and its narrow size threshold, which may leave many MSPs out of scope.

There was a broad welcome of bringing key supply‑chain providers into scope, but that was met with a recognition of the complexity of the issue. Ofcom stated that they would adopt a pragmatic regulatory approach, starting from the suppliers that operators themselves worry most about, and building a more cohesive methodology from there. However, not all witnesses agreed on which supply-chain providers should be in-scope, and how that should be determined.

However, there was a broad agreement that the incidence reporting mechanism needed to be streamlined. ISC2, techUK and others were uneasy about phrasing within the legislation around incident reporting, such defining cyber incidents as ‘capable of having a significant impact’, without providing clearer metrics (e.g. number of customers affected, geographic spread, duration). They warned this could drive over‑reporting, regulator overload and box‑ticking, especially among SMEs.

Written evidence will now be considered by the Public Bill Committee, with the first reading on Thursday, 5th February. In general, the voices of industry mirrored the concerns raised in the written evidence submitted by the Cybersecurity Business Network last week – which outlined recommendations around modifying the Bill’s scope, aligning the regulation with pre-existing resilience standards, streamlining incident reporting requirements, and ensuring board-level accountability.

If you have any questions around the Bill, or any amendments proposed at committee stage, please contact secretariat@cb-network.org.

Cyber‑fraud overtakes ransomware as top concern for business leaders

Phishing and cyber‑enabled fraud have overtaken ransomware as the leading cybersecurity concern for global business leaders, according to the World Economic Forum’s Global Cybersecurity Outlook 2026.

The report, released on 12 January 2026 ahead of the WEF Annual Meeting in Davos, warns that levels of cyber‑enabled fraud have reached record highs, and continue to erode trust in digital systems. The survey of global executives found that 77% have seen an increase in cyber‑enabled fraud and phishing, and 73% say they or a peer have been directly affected.

Phishing is the most commonly reported threat, with the report emphasising the growth in email, voice (vishing) or SMS (smishing) scams. Other major issues include invoice and payment fraud tied to business email compromise (37%), identity‑related attacks (32%), insider or employee‑led fraud and romance or impersonation scams (both affecting around one in five), and growing concern about cryptocurrency and investment fraud.

The report also highlights the rapid escalation of AI‑driven cyber risks. Eighty‑seven percent of respondents experienced rising AI‑related vulnerabilities last year and 94% expect AI to be the dominant force shaping cybersecurity in 2026. The WEF argues that cyber risk is now a strategic, economic and societal challenge rather than a purely technical one, calling for coordinated action between governments, businesses and technology providers.

New Chinese embassy sparks communication concerns

The plan to build a new Chinese embassy next to the Tower of London was approved by the government, following a lengthy debate around potential security risks.

The new site would be China’s largest embassy in Europe, hosting over 200 staff and consolidating seven existing diplomatic sites into one. The Security Service, MI5, says that this could make monitoring easier. Critics warn the complex could become a hub for espionage, cyber activity and intimidation of dissidents.

The Telegraph newspaper ran an article spotlighting concerns around a subterranean basement room being built within the embassy that will run alongside sensitive fibre optic cabling, transmitting data between the City of London and Canary Wharf – the city’s main two hubs of financial services.

Critics have raised potential communications interference or internet traffic monitoring, however, British intelligence services noted that it was ‘not realistic to expect to be able wholly to eliminate each and every potential risk’, in a letter addressed to the Home Secretary and Foreign Secretary.

Policy & Political

The UK and Japan agree to boost joint cybersecurity measures following state visit

On the 31st January, the governments of the UK and Japan agreed to accelerate co-operation on cybersecurity measures in the UK-Japan strategic cyber partnership. This followed Prime Minister Keir Starmer’s visit to Japan, and meeting with new Japanese prime minister Sanae Takaichi. The new partnership comes as tensions between Japan and China have heightened since Takaichi became prime minister, and fears around China’s offensive capabilities grow.

The strategic partnership commits both the UK and Japan to work together to address global cyber threats, based on three main pillars. Firstly, detecting, deterring and defending against cyber threats, secondly, enhancing whole-of-society cyber resilience, and finally, building an innovation ecosystem.

Both nationals have agreed to use their available cyber capabilities to help deter cyber threats facing both nations, and have reaffirmed their commitment to close collaboration, including around developing new technical standards, information sharing policies, and protecting both nation’s critical national infrastructure.

The new measures reaffirm the previous Japan-UK Cyber Partnership as part of the so-called Hiroshima Accord, established by former prime ministers Rishi Sunak and Fumio Kishida in 2023. Closer collaboration between the Japanese and British cyber sectors could create greater market access for UK vendors, as well as offering more investment and partnership opportunities and a stronger deterrence posture against hostile states.

Parliamentarians urge stronger Cabinet action to tackle cyber-crime

Parliamentarians pressed the Government to step up efforts to combat cyber-crime, highlighting both the growing scale of the threat and the importance of home-grown cyber skills.

Responding to questions in the House, Dan Jarvis, the Minister of State for Security for the Cabinet Office, reaffirmed that the Government is ‘absolutely committed’ to using all available tools to disrupt cyber-threats and keep the public safe. He pointed to the upcoming national cyber action plan, designed to address evolving cyber-threats and emerging technologies, and confirmed that ministers are working closely with police to deliver ‘real-world impact’ against cyber-criminals.

Jim Shannon, DUP MP for Strangford, drew attention to the scale of the problem, noting that cyber-crime and fraud now account for around 50% of all offences in the UK, costing the economy billions each year.

Jarvis reiterated the seriousness with which the Government treats cyber-crime and pointed to existing support for victims, including free guidance, tools and incident response advice courtesy of NCSC, alongside targeted awareness campaigns.

NCSC Updates

NCSC issues warning over hacktivist groups disrupting UK organisations and online services: NCSC issued an alert in January 2026, highlighting the persistent targeting of UK organisations by Russian state-aligned hacktivist groups aiming to disrupt networks – triggering a notice for local government authorities and CNI operators to check their cyber resilience measures.
Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle?: A new blog published by NCSC examines the potential of Cloud Security Posture Management (CPSM) tools, especially as multi-cloud environments become more commonplace and risks stem from misconfiguration, vulnerabilities and resource sprawl.
Designing safer links: secure connectivity for operational technology: NCSC published new guidance on secure connectivity principles for operational technology (OT), allowing organisations to review their current connectivity policies, and design new ones to enhance resilience across OT.
Cyber Essentials Supply Chain Playbook: NCSC has published its Cyber Essentials playbook for supply chains, helping to protect businesses by embedding its Cyber Essentials standard across supply chains.

Business & Industry

RUSI publishes new Cyber Strategy paper

The Royal United Services Institute (RUSI), the world’s oldest and the UK’s leading defence and security think tank, published a new paper calling for comprehensive updates to the UK’s current cyber strategy.

With cyber attacks costing UK businesses billions each year, and incidents like the Jaguar Land Rover breach exposing serious gaps in resilience, RUSI is advocating for the upcoming National Cyber Action Plan to become a critical opportunity to reset the UK’s cyber resilience strategy.

They call for a sharper focus on economic security, a new threat-response model that properly balances state-backed attacks and cybercrime, and a cross-government joint assessments unit to improve coordination.

The paper also urges tougher accountability in both the public and private sectors: stronger cyber performance in government, mandated board-level responsibility for cyber risk, and more transparent reporting from companies.

Finally, it argues that regulators must be properly funded and empowered, including through annual fees from regulated organisations to support enforcement. Taken together, these steps would help fix market failures, strengthen resilience and better protect the UK’s infrastructure, economy and national security.

JLR still feeling the impact of 2025 cyberattack

Jaguar Land Rover is still feeling the impact of last autumn’s major cyber attack, reporting a further £64 million in related costs and a sharp downturn in performance. The incident forced a five‑week production halt from 1 September, contributing to an underlying pre‑tax loss of £310 million in the quarter to 31st December, compared with a £523 million profit a year earlier.

Revenues for the quarter fell 39% to £4.5 billion as sales volumes were hit, with production only back to normal by mid‑November. JLR has now booked £260 million in direct cyber‑related costs this year (£196 million previously plus £64 million this quarter), helping push year‑to‑date losses to £444 million, versus £1.6 billion in profits a year earlier.

JLR’s new chief executive has said it had been a ‘challenging quarter’ but stressed that production is now back at normal levels and that JLR expects a significant improvement in performance in the final quarter, with ‘clear plans to manage global challenges.’

Events

CBN March Member Meeting

CBN will be holding its second bi-monthly members meeting of 2026 soon for paying members – keep an eye on your emails for further details.

If you’d be interested in attending our next meeting,, please drop us an email at secretariat@cb-network.org.

To become a member and ensure you won’t miss any of our events, please visit cb-network.org/join-us/.

About CBN

If you are interested to hear more about CBN or want to become a member, then please reach out to secretariat@cb-network.org for more info.

CBN Newsletter | January 2026

Our monthly update bringing you the relevant, high-level policy and business news from across the cyber sector.

This month, we take a look at the newly released Cyber Action Plan, the long-awaited second reading of the Cyber Security and Resilience Bill, where the House of Commons will take its first opportunity to scrutinise the main aspects of the Bill, as well as a number of high-profile cyber incidents that occurred as 2025 was wrapping up.

If you have any questions about the content, or believe we should add to our coverage, please do not hesitate to get in touch.

never miss a thing

Sign up for news and upcoming events

Headlines

Cyber Security and Resilience Bill undergoes second reading in the House of Commons

Today, the Cyber Security and Resilience Bill has undergone its second reading in the House of Commons. The Bill is set to be passed through the lower house, with the expectation of Royal Assent in mid-2026.

The legislation represents the most significant effort to date in modernising the UK’s cyber framework by expanding the scope of regulated services, strengthening reporting requirements, and providing regulators with enhanced tools to enforce compliance. The legislation further develops the UK’s NIS regime, bringing it closer in line with the EU’s NIS2 directive.

The legislation aims to establish new definitions for relevant digital service providers (including online marketplaces, search engines and cloud computing services), and incidents (to include events capable of affecting network and information systems, even where no data has been compromised)

The Bill will mandate 24-hour initial incidence reporting, with a full report required after 72 hours, as well as widening the range of organisations subject to cybersecurity standards, introducing data centres, as essential services under joint oversight from Ofcom and the Secretary of State for DSIT.

Following its second reading, the Bill will enter committee stage, where a detailed clause-by-clause examination will take place. During this process, Parliament will look to agree more complete definitions of which entities are in scope, what the exact penalty regimes may be for non-compliance, and specify more detailed security and resilience requirements.

During committee stage, cyber industry experts may wish to appear as oral witnesses, or submit written evidence to the Public Bill Committee when it calls for it.

If you have any questions around the Bill, or any amendments that parliament may propose in the Bill’s second reading, please contact secretariat@cb-network.org.

Government announces Cyber Action Plan to strengthen resilience and incidence reporting for public sector and government departments

Prior to the second reading of the Cyber Security and Resilience Bill, the government announced its Cyber Action Plan on the morning of the 6th January 2026. The plan aims to strengthen cyber defences and digital resilience across government departments and the public sector, backed by over £210m of government funding. It is notable that the £210m of funding is far less than the similar £2.6bn pledged in the 2022 National Cyber Strategy for modernising public sector legacy systems to become more resilient.

Driven by a newly formed ‘Government Cyber Unit’, this plan supports a wider strategy by the government to digitise public services, improve online service accessibility, reduce times spent in online queues, and centralise access to government support and resources.

The plan focuses on achieving clearer visibility of cyber risks across government departments, acting to strengthen mitigation efforts and implementing faster and more robust incident response procedures.

Additionally, the government has announced the Software Security Ambassador Scheme, which aims to reduce software supply chain attacks through a new Software Security Code of Practice. Cisco, Palo Alto Networks (PAN), Sage, Santander and NCC Group have agreed to act as ambassadors for the scheme.

If you have any questions around the Cyber Action Plan and what it might mean working in, or closely with, the public sector, please contact secretariat@cb-network.org.

UK and Europe are under threat from Russian ‘information warfare’, warns Foreign Secretary

In a speech commemorating the centenary of the signing of the Locarno Treaties in 1925, the Foreign Secretary Yvette Cooper warned that ‘hybrid threats’ from Russia are threatening the UK and Europe, aimed at destabilising democracy, undermining collective interests and weakening critical national infrastructure.

These hybrid threats include, but are not limited to, ‘relentless’ cyberattacks against businesses and critical infrastructure, dissemination of social media disinformation (including utilising generative AI), and state-sponsored sabotage.

Cooper cited Russia’s campaign of ‘information warfare’ as a driving force that has led the UK to develop, and continue develop, its defensive cybersecurity, law enforcement and intelligence capabilities.

In addition to the threat posed by Russia, the Foreign Secretary also raised the issue of Chinese-origin cyber threats. She used the speech to announce new sanctions on two China-based companies, i-Soon and Integrity Technology Group, which the government allege have been involved in ‘vast and indiscriminate cyber activities against the UK and allies’.

Hackers set their sights on government, with cyberattacks against the Foreign Office and Westminster City Council

The end of 2025 saw two cyberattacks launched against two major departments of national and local government. The Foreign, Commonwealth and Development Office (FCDO) and Westminster City Council both experienced cyber incidents in a pertinent reminder that the government remains a key target for cyber criminals.

The cyberattack affecting the FCDO was confirmed by Chris Bryant MP, who stated that the government had been aware since October 2025. The minister has claimed that the risk of compromise to individual data was ‘low’. While Bryant claimed that the perpetrators were ‘unclear’, The Sun newspaper has pointed fingers at a Chinese hacking group named Storm 1849, who were behind the ‘ArcaneDoor’ campaign affecting Cisco infrastructure in 2024.

The cyberattack against Westminster City Council took place in late November, with confirmation from the council that data had been copied by the perpetrators, which potentially included sensitive council data. This also included data on a server that was shared between Westminster City Council and Kensington and Chelsea Council, however Westminster Council remains primarily affected. The perpetrators are currently unclear.

Westminster Council has urged residents to follow NCSC advice and be wary of any suspicious calls or emails, and has set up a helpline and email address to assist with any public enquiries relating to the cyber incident.

Insights

What to expect from CBN in 2026

CBN will be ramping up its advocacy work in 2026, with the year set to be pivotal legislative and strategic year in the UK cyber landscape. Our work will focus on engaging proactively with the Government on key areas that directly impact our community and expand member’s opportunities within the UK market.
Cyber Security & Resilience Bill: With the expectation of Royal Assent later this year , this legislation will undergo extensive parliamentary scrutiny in early 2026, modernising and strengthening UK cyber defences, including the expansion of NIS/NIS2. CBN is taking a proactive role in advocacy to shape the bill’s legislation and implementation.

National Cyber Action Plan: We will engage proactively with the team shaping the new ‘business first’ action plan, aimed at bolstering economic resilience and led by Security Minister Jarvis.
Upcoming Regulation: We will enable the sector to have a voice, seeking to support the development of effective, proportionate regulation as oversights across critical verticals are strengthened.
Strengthening SME Cyber Resilience: Following the work of the NCSC SME cyber strategy in 2025, CBN will focus its advocacy efforts on supporting the implementation of this strategy and bringing our members’ expertise to the fore.
Digital Transformation: As Government and the public sector push toward increasingly digitised services, we will engage with public sector organisations to showcase our members’ expertise and ensure robust cybersecurity resilience.
APPG for Cyber Innovation: CBN will be continuing its work supporting the APPG for Cyber Innovation, creating further opportunities for engagement with key stakeholders across government departments.

Policy & Political

New Chief of SIS focuses on cyber and technology in first major speech

Blaise Metrewelli, the newly appointed chief of the UK’s Secret Intelligence Service (SIS), more commonly known as MI6, emphasised the organisation’s focus on enhancing its technological and cybersecurity capabilities in a speech delivered on the 15th December 2025.

Metrewelli claimed that SIS is currently operating in a ‘space between peace and war’, in which advanced technologies are reshaping conflict, power and trust globally. She highlighted how converging fields such as AI, biotechnology, and quantum computing are accelerating threats to UK national security.

She stressed that information had become weaponised through disinformation and manipulation tactics, exemplified by increasing threats posed by Russian hybrid warfare, including cyberattacks, drones, sabotage, and influence operations.

In response, SIS is refocusing its efforts on mastering its use of technology, particularly around AI and data, and integrating it into their work such that officers are as comfortable with code as with human sources.

This would see the SIS deepen partnerships across the UK intelligence community and the wider technology ecosystem, recognising that the defining issue is not who has the most powerful tech, but who can apply it effectively.

The UK and South Korea agree to enhance cyber collaboration in a new joint statement

The governments of the UK and South Korea agreed a joint statement on deepening technology ecosystems and strengthening digital collaboration, following the second UK-ROK (Republic of Korea) Digital Partnership Forum in Seoul, on 16th December 2025.

Four key pillars were agreed as part of the joint statement. These pillars are: strengthening digital infrastructure, fostering technological innovation, reinforcing multi-stakeholder approaches, and enhancing cybersecurity and securing critical technologies

The fourth pillar sees a commitment from both states to further collaborate to strengthen cybersecurity, within the framework of the last UK-ROK Cyber Dialogue, which saw the UK and South Korea commit to working together to counter malicious cyber activity from malign states, namely North Korea, Russia and China.

With the new joint statement, both states have renewed this commitment, as well as reinforcing a particular focus on the growing role of AI within the cybersecurity field.

NCSC Updates

Mistaking AI vulnerability could lead to large-scale breaches, NCSC warns: NCSC has shared insights that caution cybersecurity professionals against comparing prompt injection and SQL injections. They warn that generative AI applications may be vulnerable to injection prompts that may not be mitigated in the same way as SQL injections, as many LLMs remain unable to distinguish between genuine prompts and injections.
Almost 1 billion attempts to access malicious sites blocked by new government cyber tool: Nearly 1 billion cyberattacks and attempts to access scam websites have been blocked by a new government cyber service in less than a year, according to new figures from GCHQ’s National Cyber Security Centre (NCSC) and BT. 
Updating our guidance on security certificates, TLS and IPsec: December 2025 saw the NCSC update 3 pieces of key guidance around the use of security certificates and cryptographic methods. These include consistency changes around the use of TLS and IPsec, in line with the NCSC’s new advice on external attack surface management (EASM) products.
Cyber deception trials: what we’ve learned so far: NCSC has provided an update around their on-going trials to test the efficacy of cyber deception solutions (i.e, a honeypot used to lure attackers). They have found that cyber deception is able to work, especially around identifying insider threats, however they’re not ‘plug-and-play’, and require having correct and relevant data and context.

Business & Industry

NHS Supplier DXS International confirms cyberattack

DXS International, a provider of clinical solutions for healthcare professionals and patients to the NHS, confirmed that they experienced a cyberattack on their office servers on the 14th December 2025.

The incident has been reported as having ‘minimal impact on the company’s services’, leaving front-line clinical services ‘unaffected and operational’.

The prolific ransomware threat actor ‘DevMan’ claimed responsibility, stating that they had copied around 300GB of data, threatening to release it publicly. However, neither the NHS nor DXS have commented on this claim.

Scattered Spider attacks cost UK retailers millions in damages

Cyberattacks against major UK retailers are estimated to have cost affected businesses millions of pounds in damages. Two of the worst affected were M&S and the Co-op Group, who are estimating losses of approximately £300m and £200m respectively.

Taking place between April and May of 2025, the attacks utilised the DragonForce ransomware, with social engineering tactics deployed, such as voice phishing, to compromise company networks via internal IT helpdesks. Hackers then activated the main ransomware payload across compromised systems..

These attacks triggered serious disruption to the businesses, causing data loss and outages that led to a depreciation of the companies stock and revenue prices.

Events

CBN January Member Meeting

CBN is holding its first bi-monthly members meeting of 2026 in London, on Wednesday, 21st January, 4:30pm – 7:30pm. This event will comprise of a roundtable style discussion to help shape our 2026 agenda, as well as a discussion around ongoing developments regarding the Cyber Security and Resilience Bill, following its second reading in the Commons this month.

Please note: This vital session is exclusively for paying members and partners. If you’d be interested in attending the event, please RSVP to secretariat@cb-network.org.

To become a member and ensure you won’t miss any of our events, please visit cb-network.org/join-us/

About CBN

If you are interested to hear more about CBN or want to become a member, then please reach out to secretariat@cb-network.org for more info.

CBN Newsletter | December 2025

Our monthly update bringing you the relevant, high-level policy and business news from across the cyber sector.

This month, we take a look at our Inaugural Parliament & Cyber Conference, the Government’s Autumn budget, alongside a raft of other public and private sector announcements.

If you have any questions about the content, or believe we should add to our coverage, please do not hesitate to get in touch.

never miss a thing

Sign up for news and upcoming events

Headlines

Security Minister speaks at Parliament and Cyber Conference

Minister for Security Dan Jarvis delivered the keynote speech at our first Parliament and Cyber Conference 2025, in which he called for stronger cyber resilience across government, business and society with the escalation of cyber threats in a hyper-connected world.

Jarvis highlighted how, if cybercrime were an economy, it would be the third biggest in the world with global scams expecting to cost $27 trillion a year by 2027. The government is seeking to act with both legislation and policy, including the recently introduced Cyber Security and Resilience Bill, and the Counter Political Interference and Espionage Action Plan as well as support of the NCSC.

During his address at the conference, Jarvis noted that “Our tech sector is one of the most crucial chips in the economy’s motherboard. One that takes its cyber security seriously. I hope that, through Government support and their own initiative, that the rest of our business leaders follow in your footsteps.”

Government’s publishes Cyber Security and Resilience Bill

The Government introduced the Cyber Security and Resilience Bill for its First Reading in the House of Commons on 12 November 2025, marking the first time a UK Bill has included “cyber” in its title. The legislation represents a significant effort to modernise the UK’s cyber framework by expanding the scope of regulated services, strengthening reporting requirements and providing regulators with enhanced tools to enforce compliance. It builds on the Cyber Governance Code of Practice published in April 2025 and further develops the UK’s NIS regime, bringing it closer, though not fully in line with, the EU’s NIS2 directive.

The Bill widens the range of organisations subject to cybersecurity standards, introducing data centres as essential services under joint oversight from Ofcom and the DSIT Secretary of State.The Bill also, amongst other provisions:

Establishes new definitions for relevant digital service providers, including online marketplaces, search engines and cloud computing services,
Brings large managed service providers into scope where they provide ongoing access to customer systems.
Strengthens reporting requirements significantly, with in-scope organisations required to submit an initial incident notification within 24 hours and a full report within 72 hours.
Expands the definition incident to include events capable of affecting network and information systems, even where no data has been compromised.

Please contact secretariat@cb-network.org for more information on the Bill.

Policy panel: Designing a resilient future

At the Parliament and Cyber Conference, during the Panel “UK cyber policy: designing a resilient future”, speakers, including Cyber Innovation APPG officer Alison Griffiths MP, and Jonathon Ellison, National Resilience Director at the NCSC emphasised the scale of the challenge and the importance of ensuring the Bill is implemented in a way that is both effective and proportionate.

Across our events, there was clear consensus from both public and private sector voices on the need for sustained cross‑collaboration as the Bill progressed through Parliament, with particular focus on proportional definitions, workable reporting obligations and transparent approaches to designating critical suppliers.

Innovation panel: Securing our future in a world of AI and quantum

The second panel at Parliament and Cyber Conference 2025, titled “The next frontier: securing our future in a world of AI and quantum,” examined how emerging technologies are reshaping both opportunity and risk for the UK.

Artificial intelligence was discussed as a major driver of growth and productivity, but panellists underlined how it has already begun to transform the cyber threat landscape. Panellists highlighted escalating AI enabled fraud, the potential misuse of generative tools, and complex questions of accountability in autonomous defence systems. Looking ahead, they noted that the emergence of quantum computing could further disrupt existing cyber security protocols and undermine many of today’s cryptographic standards.

The panel focused on how the government can respond with agile and effective policy, working closely with industry to strengthen resilience and protect both the economy and wider society.

Speakers included Daniel Aldridge MP, Chair of the APPG for Cyber Innovation, Zeki Turedi, Field CTO at CrowdStrike, Shaukat Ali Khan, CDIO at NHS West Yorkshire, Dr Melanie G., Associate Professor at UCL, and Sean Remnant, CSO at Exclusive Networks.

Insights

What to expect in 2026 from CBN

Following our Conference it was clear that cyber resilience is now firmly established as a national priority.

With more than 150 parliamentarians, policymakers, academics and industry leaders there was a clear consensus from both public and private sector voices emphasising the need for sustained cross‑collaboration as the Bill progresses through Parliament, with particular focus on proportional definitions, workable reporting obligations and transparent approaches to designating critical suppliers.

In 2026, CBN looks forward to working constructively with the Government as it sets out its plans across Cyber Security, most notably the Cyber Security & Resilience Bill, as well as the forthcoming National Cyber Action Plan, and broader government approaches. We are excited to develop on the progress made this year, including supporting the APPG for Cyber Innovation, to create further opportunities for engagement with key stakeholders.

Please do get in touch with the team at secretariat@cb-network.org for more information.

Policy & Political

Autumn Budget 2025

After much speculation and anticipation, the Chancellor’s Autumn Budget was unveiled – albeit following a premature leak from the Office for Budget Responsibility.

The Budget was presented as making the “fair and necessary choices” to ease pressures on households, strengthen public services and support growth.

Cyber was predominantly absent from the Chancellor’s Budget speech. With her self-imposed rules preventing rises to income tax, National Insurance or VAT, she instead relied on freezing income thresholds and introducing a series of wider tax increases to reduce borrowing and create future fiscal headroom. Business rates for retail, hospitality and leisure will be permanently lowered, funded in part by higher rates for the most expensive properties. Notably:

Over £120 billion of departmental capital spending was protected for transport, housing, nuclear and record R&D, supported by a National Wealth Fund with £153 billion of capacity expected to mobilise around £70 billion of private investment.
Regional and place based funding was strengthened through an expanded Local Growth Fund and Mayoral Revolving Growth Fund, alongside targeted support for northern growth corridors.
Business investment incentives included expanded venture capital schemes, wider EMI eligibility and a new 40% first year capital allowance for plant and machinery from 2026.

Technology also featured prominently, with commitments on AI infrastructure and data centres, new AI Growth Zones and a brief reaffirmation of previously published digital ID plans in the context of immigration control and efficiency savings, as well as reaffirmation of defence spending targets.

Ministers and NCSC write to small business on cyber security

Minister Liz Lloyd, Minister Blair McDougall and the National Cyber Security Centre (NCSC) CEO Richard Horne have written to small businesses reminding them of the resources available to them to ensure that they remain cyber secure – including the free Cyber Action Toolkit, Cyber Essentials, and Action Fraud.

The signatories urge small businesses to take these steps to remain resilient in the face of increasing cyber attacks; half of small businesses in the UK report having suffered a cyber attack in the previous 12 months and 35% of micro businesses reported phishing attacks.

The NCSC has also published a dedicated blog on these available resources, which can be seen here.

NCSC Stop! Think Fraud campaign

The NCSC has launched a nationwide Stop! Think Fraud campaign, offering advice to individuals and small businesses ahead of the busy festive period. The campaign encourages online shoppers to follow tips from the Home Office and the NCSC to avoid online scams, with individuals encouraged to report suspicious activity to the NCSC.

Cyber recruits graduate from Defence Cyber Academy

An inaugural group of around 30 graduates will enter operational roles in cyber defence following their training at Defence Cyber Academy on their fast-track Cyber Direct Entry programme, with new training places available for people aged 18-39 for 2026.

The graduates will be joining the new Defence Cyber & Electromagnetic Force (DCEMF).

The entry route sees basic training reduced from 10 weeks to around one month, after which recruits undergo three months’ specialist training.

In 2025, the UK faced 18 major cyber incidents – an almost 50% increase on the previous year and the third consecutive annual rise.

Research and analysis: Research on mapping the AI and software cyber security services market

The government is carrying out research on mapping the AI and software cyber security services market. Commissioned by DSIT, this project aims to better understand the skills, services, and tools available to support organisations in the UK in meeting the requirements of the Global Standard for AI Cyber Security and the Software Security Code of Practice.

The research will build on this market analysis, and will consist of a telephone survey of UK-based organisations that provide AI and/or software cyber security services.

NCSC Updates

NCSC consumer alert for holiday shopping scams: Ahead of Black Friday and the festive season, the NCSC and Home Office’s nationwide Stop! Think Fraud campaign urges online shoppers and small businesses to stay alert to scams after £11.8m was lost to online shopping fraud last year; advice includes checking retailers are legitimate, turning on 2-step verification for important accounts, paying securely (avoiding direct bank transfers and unnecessary card detail storage), being wary of delivery scam messages and links, and reporting suspicious emails, texts or fake websites to the NCSC.
NCSC retirement of Web Check and Mail Check by 31 March 2026: The NCSC will retire its Web Check and Mail Check services in favour of a now-mature external attack surface management (EASM) market, urging organisations to adopt commercial EASM tools guided by its new buyer’s guide, continue using Early Warning and DNS Check via MyNCSC, and subscribe to the Check your cyber security service to monitor email anti-spoofing and email privacy as part of its ACD 2.0 roadmap.
NCSC Proactive Notifications Service: As part of its updated Active Cyber Defence approach, the NCSC has launched a pilot service with Netcraft that proactively scans for selected publicly visible vulnerabilities, sends plaintext notification emails from netcraft.com to affected organisations with guidance on remediation, and complements (but does not replace) organisations’ own security monitoring, which can be further strengthened by signing up to the free NCSC Early Warning service.
NCSC Cyber Action Toolkit for small businesses: the NCSC has created a free, personalised tool for sole traders, micro and small organisations that gives clear step-by-step actions, three levels to progress through (Foundation, Improver, Enhanced), simple progress tracking, and a path toward Cyber Essentials.
NCSC handover of smart meter security assurance:After more than a decade securing the UK’s SMETS2 smart metering infrastructure through its Commercial Product Assurance (CPA) scheme, including around 150 evaluations and over 32 million certified devices, the NCSC has formally transferred ownership of the smart meter CPA scheme to the Smart Energy Code Security Sub-Committee under DESNZ stewardship, marking a mature, industry-led assurance model that frees NCSC to focus on challenges where it is uniquely placed to add value.

Parliamentary Questions

This past month, questions were answered on army recruitment into their cyber stream, the growth of a grey area in cyber defence investment, and cyber-security based amendments to regulations of telecoms infrastructure One debate highlighted the role of the Council of Europe in tackling cyber crime, and the yearly debate on Remembrance Day outlined the growth of military personnel specialising in cyber warfare. The need to highlight cybersecurity training amongst SME’s was outlined, and the House of Commons Business and Trade Committee outlined the need for cybersecurity to form part of an economic security safeguard for businesses. The Government further announced cyber counter-measures against Chinese espionage.

Business & Industry

Major UK altnet data breach highlights supply chain risk

Alternative broadband provider Brsk, which recently merged with Netomnia, reported a major DDoS customer data breach that reportedly exposed around 230,000 customer records for sale on a hacking forum. The compromised database included names, email addresses, physical addresses, phone numbers, installation and booking details, internal IDs, location data and indicators of vulnerable customer status, although Brsk stated that no financial information, passwords or login credentials were affected.

Cyber attack on London councils triggers emergency response

Westminster City Council and the Royal Borough of Kensington and Chelsea activated emergency and business continuity plans following a cyber attack that disrupted shared IT systems and phone lines. Working with cyber specialists and the National Cyber Security Centre, both councils focused on maintaining critical services and support for vulnerable residents while systems were taken offline and restored.

The Information Commissioner’s Office was notified and investigations into the source, scale and any potential data compromise are ongoing. Other London boroughs, including Hammersmith and Fulham, were also believed to have been affected and were advised to warn staff about phishing risks, including suspicious emails and unexpected links, as services were not expected to be fully restored until later in the week.

KawaiiGPT shows how free AI tools are lowering the barrier to cybercrime

The growing use of KawaiiGPT has been outlined as aiding in lowering the barrier to commit cybercrime. KawaiiGPT, a free, open source “black hat” large language model that has been available since July 2025 and is now at version 2.5. Unlike paid tools such as WormGPT, KawaiiGPT could be installed from GitHub in minutes and used via a simple command line interface to generate convincing phishing emails, ransomware notes and working attack scripts, enabling even low skilled individuals, referred to informally as “script kiddies”, to launch sophisticated campaigns. With hundreds of users coordinating via Telegram, the tool illustrated how freely available offensive AI was compressing attack cycles and eroding traditional warning signs such as poor grammar, reinforcing the need for AI aware email filtering, anomaly detection and broader defensive controls.

Cyberattack exposes customer data of major financial institutions

Real estate finance and tech vendor SitusAMC disclosed a cyber attack that may have exposed customer data from several leading US banks, including JPMorgan, Morgan Stanley and Citi, as well as other top‑tier institutions. The firm, which processes mortgage payments and manages real estate loan data for many of the top 20 US banks, reported that corporate accounting records, legal agreements and some client customer details were accessed, although no encrypting malware was involved. The incident currently remains under FBI investigation.

Events

Members should keep their eyes peeled as we will be launching our 2026 events and activity in the coming weeks.

Partner Events

Sign up for the CCUK Fraud Summit 2026

We are excited to announce the return of our highly anticipated Fraud Summit 2026, bringing together the industry’s most authoritative voices. CCUK is currently looking sponsors for the event, and has a range of sponsorship packages.

Join CCUK on Wednesday 15th April 2026 at One Birdcage Walk in London for our second annual summit. We’ve built on the success of last year to create an even more powerful, insightful agenda focused on actionable intelligence and collaborative solutions.

This is your opportunity to gain unparalleled access to the decision-makers and experts who are shaping the UK’s response to security threats.

This year’s programme will feature an elite lineup of speakers from every critical sector, ensuring you get a 360-degree view of the fraud landscape. Connect with industry peers and key stakeholders in a focused, professional setting.

CBN members get discounted tickets, secure yours here.

Would you like to raise your company profile by being the event’s supporter? Check our sponsorship pack here and contact team@commscouncil.uk for more information.

Please do contact team@commscouncil.uk for more information.

About CBN

Membership to CBN is free for all cybersecurity organisations. If you are interested to hear more about CBN or want to become a member, then please reach out to secretariat@cb-network.org for more info.

CBN Newsletter | July 2025

Our monthly update to bring you the relevant, high-level policy and business news from across the cyber sector.

This month, we take a look at the Government’s new Industrial Strategy, Cyber Growth Action Plan, and a raft of other public and private sector announcements.

If you have any questions about the content, or believe we should add to our coverage, please do not hesitate to get in touch.

never miss a thing

Sign up for news and upcoming events

Headlines

Government published Modern Industrial Strategy

Last month, the Department for Business and Trade (DBT) unveiled its long-awaited Modern Industrial Strategy, a ten-year long plan to increase economic growth and foreign direct investment in the UK, which focuses on eight growth-driving sectors..

The strategy has a strong focus on cybersecurity, with Chapter 3.3 of the Digital and Technology Plan dedicated solely to cyber. Viewed as a driver of growth and security, the plan states that the Government will aim to attract investors and support innovation across cyber skills, R&D, infrastructure, regulation and international partnerships; this is also supported by the billions in extra funding awarded to the Department for Science, Innovation and Technology (DSIT) in the recent Spending Review.

Key commitments include:

Supporting “home-grown innovation” with the Cyber Academic Startup Accelerator Programme (CyberASAP) and the Cyber Runway accelerator – with the ambition to support 250 companies and 28 academic “spinouts” by 2030 – in addition to the new National Cyber Innovation Centre in Cheltenham
Investing in innovation, including £670 million for quantum computers and £500 million delivered through the Sovereign AI Unit; £2m for the Cyber AI Hub in Belfast, as well as £25m for the CHERI CHERI secure chip blueprint
Addressing skills gaps by supporting the expansion of the Cyber Essentials scheme to 380 certification bodies, and through providing support for 415,000 students in the the CyberFirst bursary scheme and through National Cyber Force (NCF) partnerships

Separately, the Government has also recently published the 10-Year Infrastructure Strategy, which pledged at least £725 billion in public funding over the next decade to update the UK’s economic and social infrastructure.

Further, they also released the National Security Strategy (NSS); in recognising our reliance on digital infrastructure could increase vulnerabilities to cyber attacks, the strategy outlined the Government’s commitments to improving national security – most notably, it announced that a dedicated National Cyber Strategy will be published later this year to outline the Government’s approach to cybersecurity resilience, alongside a further Resilience Strategy targeting a broader range of risks and the upcoming Cyber Security and Resilience Bill, expected later this year.

If you have any questions regarding the Government’s work in this area, please contact us at secretariat@cb-network.org.

Cyber Growth Action Plan 2025

The government published the terms of reference for a new Cyber Growth Plan, which will identify possibilities for growth in the UK’s cyber sector. Led by Bristol University and Imperial College London, the recommendations are expected to be published “later this summer”.

Specifically, the review will cover the supply and demand of cyber goods and services, such as protective monitoring and encryption, identifying potential areas to capitalise on as well as explore the possibilities associated with AI and quantum. The Plan will feed into the forthcoming National Cyber Strategy.

Insights

Why Cybersecurity Needs Storytellers

How comms can combat misinformation and build trust

Liva Emmatty, our Communications Lead here at CBN, writes about how cybersecurity is as much about people and trust as it is about technology. With social media now the main news source for over half the global population, the spread of misinformation can leave organisations exposed to confusion and reputational harm.

Communications professionals in cybersecurity have a crucial role in busting common myths, simplifying technical concepts through relatable storytelling, and engaging with policymakers to ensure cyber policy reflects real-world challenges, and can help organisations prepare for crises by monitoring misinformation and responding quickly and clearly.

Interested in learning more about how you can benefit from communications support? Reach out to the CBN secretariat at secretariat@cb-network.org

News Updates

Political and policy updates

UK and Canada commit to cybersecurity cooperation

The UK and Canada have agreed to increase collaboration on cybersecurity as part of their broader partnership. This includes joint efforts to counter malicious cyber activity, information manipulation, and digital transnational repression.

The countries are launching the Joint Canada-UK Common Good Cyber Fund, with $5.7 million (£ ) in initial funding, to support civil society organizations at high risk from digital threats. Both countries will also work together to develop secure communications products, advance cryptography, and start new research partnerships to address gaps in AI security and improve AI models for national security purposes.

Ministerial comment on cyber and undersea cable threats

The Parliamentary Under-Secretary of State for Defence, Luke Pollard, said during a National Security Strategy Committee inquiry session that the Submarine Telegraph Act 1885, which imposes fines of up to £1,000 for cable sabotage, is somewhat “out of step” with modern-day risk, and the government may look to update the legislation in coming years.

Telecommunications Minister Chris Bryant explained that while current laws are functional for peacetime, there is a gap in how the UK addresses “grey zone threats”. He explained that the government is looking at creating a defence readiness bill in future, as noted in the recent Strategic Defence Review.

Threats to undersea cables pose a significant risk to the UK cyber industry by jeopardising the secure and reliable flow of data that underpins its operations and services. This session was part of a larger inquiry into the security of the UK’s undersea cables, which is set to be published later this year.

Parliamentary report on Iranian cyber threats

A report from Parliament’s Joint Intelligence and Security Committee has warned that Iran poses a significant and persistent cyber threat to the UK, on a par with those from Russia and China.

The report, which is based on classified intelligence and expert interviews, highlighted the damage caused by Iranian cyber attacks targeting UK companies, as well as ongoing efforts by the Islamic Revolutionary Guard Corps (IRGC) to conduct hostile operations within the UK. It also outlines the various measures the UK has taken to respond, including “offensive cyber” and to address “cyber espionage”.

Parliamentary questions

This month, members raised questions around ensuring the resilience of 6G infrastructure against cyber threats, the investigation into recent cyber attacks on Marks and Spencers and the support of high street retailers (also here) against these attacks. A member also asked about the safeguarding of air traffic control from cyber threats. Finally a member from the House of Lords raised a question on public cybersecurity vacancies and contracting.

NCSC updates

Guidance on password managers and passkeys: The NCSC advises using trusted password managers and adopting passkeys to improve online security, reduce password fatigue, and protect against phishing.
Principles for protecting sensitive personal data: The NCSC has published guidance outlining security principles for managing sensitive personal information in datasets, recommending strict access controls, encryption, and separation of access processes to reduce the risk of unauthorised access.
Cultural principles launched to embed cybersecurity: The NCSC has launched new Cyber Security Culture Principles, urging cyber security professionals, organisational leaders, and culture specialists to drive cultural change that embeds cyber security into everyday practices.

Business Updates

Cyber security investment drives growth but threat landscape intensifies

UK businesses are generating an estimated £27bn in additional annual revenue from investing in cyber security, according to research by ESET, a global cyber security provider. The data shows that 53% of UK firms report increased turnover linked to cyber investment, with 70% of those attributing growth to winning new business due to strong cyber credentials.

44% of firms reported that robust cyber security has enabled them to take more risks, such as entering new markets or adopting new technologies. However, the retail and public sectors remain frequent targets. ESET also found that 53% of UK firms have suffered at least one cyber attack, and that cyber crime has cost UK businesses £63bn in the past three years.

It was further reported that 77% of firms plan to increase their cyber security budgets as they increasingly see digital resilience as a commercial asset rather than just risk mitigation. Despite this, only 12% fully outsource their cyber operations, and 69% have experienced ransomware breaches.

Four arrested over cyber-attacks on M&S, Co-op and Harrods

The National Crime Agency (NCA) said two 19-year-old men, a 17-year-old boy and a 20-year-old woman had been apprehended on suspicion of breaching the Computer Misuse Act, blackmail, money laundering and joining the activities of organised crime.

About CBN

Founded by Clarity

Global digital marketing and communications agency, providing fearless marketing and consultancy to the world’s most progressive companies.

We match data-driven science with human ingenuity to expand our full-funnel, specialist services and expertise. Our vision is to accelerate positive change and impact across the world. A firm believer of cybersecurity as an enabler of growth and resilience, we are proud to driving its prosperous impact forward. Get in touch with secretariat@cb-network.org to understand more on how Clarity can enhance reputation, create impact, and drive growth in your organisations.

CBN Newsletter | January 2025

Our monthly update to bring you the relevant, high-level policy and business news from across the cyber sector.

This month, we provide an update on two significant announcements from the UK government, an insights piece from out CBN comms lead, and our usual policy and business news.

If you have any questions about the content, or believe we should add to our coverage, please do not hesitate to get in touch.

never miss a thing

Sign up for news and upcoming events

Headline News

Global Cybersecurity Outlook 2025
The World Economic Forum (WEF) has published its annual Global Cybersecurity Outlook report, which highlights the complexity of the cybersecurity landscape – intensified by geopolitical tensions and emerging technologies, interdependencies and cybercrime sophistication, governments, organisations and individuals are being challenged to adapt and innovate in order to ensure our continued security.

Please see below for a longer analysis.

Risk facing UK “widely underestimated”
The National Cyber Security Centre (NCSC) published its Annual Review 2024, drawing out key aspects and learnings from the agency’s work over the past year across four chapters – cyber threats; cyber resilience; the cyber market ecosystem; and future cyber technologies.

Notably, it highlights geopolitics and the continuing cyber threat of nation-state actors – particularly China and Russia – against the UK’s critical national infrastructure (CNI), a point which was emphasised further by CEO Richard Horne in his first major speech.

Launching the Review, Horne cautioned that cyber risks facing the nation from nation state actors are “widely underestimated”, and the UK is engaged in a “contest for cyberspace” with those seeking to use our “technology dependence” to disrupt daily life. The report indicated that there has been a sizable increase in the number of incidents handled by the organisation in the 12 months up to August 2024, with ransomware being the most pervasive threat.

UK: AI Opportunities Action Plan
The UK Government has published its “AI Opportunities Action Plan”, which lays out how it intends to employ artificial intelligence (AI) to boost economic growth and deliver more efficient public services, and is described as a “cornerstone” of the Government’s Plan for Change.

Identifying three overarching goals, the Plan is broken down into 50 recommendations which give further detail and approximate timelines for when each will be implemented. Overall, the Plan takes a bold approach to AI, with the “safety” and “guardrails” approach from previous Prime Minister Sunak seemingly left behind. Interestingly, cyber (security) does not feature heavily, instead only mentioned briefly in terms of increasing talent and skills, as well the potential for regulation to actually drive innovation, rather than hinder it.

If you have any questions about what these updates mean for the cyber sector or your business, or would like to engage with the Industrial Strategy consultation, please get in contact with us at secretariat@cb-network.org.

Enhancing communication between security and business leaders

Written by Marco Bresciani, Cyber Risk Enthusiast and CBN Board Member

How can cybersecurity professionals bridge the gap between technical risks and business priorities?

Communicating cybersecurity risks effectively to executives requires more than just technical knowledge – it needs data-driven, actionable insights.

Cyber risk quantification (CRQ) bridges this gap by offering an objective way to assess and communicate cyber exposure, enabling better decision-making and risk prioritisation. Frameworks like Open FAIR framework provide structured approaches, but challenges such as complexity, manual processes and static data have hindered adoption.

Early adopters show that success comes from aligning CRQ with business needs, leveraging available data and automating processes for efficiency. CRQ is now maturing into a vital tool for informed cybersecurity investment and risk management, proving that innovation thrives where determination exists.

Read the full article from CBN Board Member Marco Bresciani, who delves into the evolving role of CRQ and its potential to revolutionise cybersecurity communication.

Image credit: Thinkstock

News Updates

Political and policy updates

CMA reform gains traction in the House of Lords
Lord Holmes of Richmond, supported by Lord Clement-Jones, tabled an amendment relating to the Computer Misuse Act (CMA) during the Lords Committee stage (day 4) debate of the Data (Use and Access) Bill.

The amendment would have afforded a legal defence for legitimate cybersecurity activities, serving to provide stronger legal protections for cybersecurity researchers and professionals engaged in threat intelligence research, updating in provisions made in 1990 by the CMA. As noted by Lord Arbuthnot of Edrom, these amendments come in the context of the long-standing CyberUp campaign. The Lords urged the Government that the update is necessary for the UK to avoid falling further behind advancements in emerging technology, such as AI.

The Minister, Baroness Jones of Whitchurch, acknowledged the importance of having the correct legal framework to protect legitimate cybersecurity activities, and that the Government is committed to ensuring the CMA is updated, with the issue being investigated by the Home Office, as well as the NCSC and law enforcement agencies.

The amendments were withdrawn.

Regional skills projects to bolster UK cyber defences
The Government has announced £1.9m new private and government funding for 30 projects, delivered by local organisations, which will be targeted at boosting the UK’s cyber resilience by plugging skills gaps.

First announced at a global cyber security meeting convened by the UK in September, these projects – delivered by organisations such as universities, local community groups and businesses – will tap into local “know-how” and partnerships to support initiatives which meet the needs of individual areas. The projects include programmes to upskill workers and improve diversity in the talent pipeline, ultimately serving to bolster the cyber workforce, drive growth, and improve economic and cyber security.

Reaction system activated to track undersea infrastructure threats
Following reported damage to an undersea cable in the Baltic Sea, the UK and allies have launched a new UK-led reaction system to track potential threats to undersea infrastructure and monitor the Russian shadow fleet via the Joint Expeditionary Force (JEF).

Second UK-EU Cyber Dialogue takes place in London
The second Cyber Dialogue between the EU and UK took place in London in December, during which representatives discussed respective approaches to cyber resilience; deterrence strategies; countering cybercrime; the Pall Mall Process; cyber skills; and cyber capacity building.

The next dialogue will take place in Brussels in 2025.

UK and Norway join forces to counter eavesdropping
The UK and Norwegian governments announced an agreement to collaborate more closely on research and development of technical security, to detect and expose eavesdropping devices.

Under this agreement, the two nations aim to bolster their collective resilience against threats from hostile states.

NCSC updates

CyberFirst girls competition: the results of its 2024 CyberFirst Girls Competition saw this year the largest number of girls signing up since its inception. The contest is designed to encourage girls to explore the world of cyber and technology, helping to address the lack of diversity in the UK cyber workforce, where women currently make up just 17%.
Improving operational technology (OT) security: new guidance is designed to help critical infrastructure organisations secure their operational technology (OT) systems.
Cyber Incident Response scheme: the Cyber Incident Response (CIR) ‘Enhanced Level’ (formerly Level 1) scheme standard has been updated, including new prerequisites and qualification requirements. The scheme is preparing to begin accepting new applications in the new year.

Business and industry

Notably, the report marks a stark disparity between large and small organisations in terms of security capabilities – a trend which is reflected between the global north against the global south, and private versus public sector.

Looking ahead to 2025, the report predicts that the world is entering an “unprecedented” era of complexity – with both national and international companies facing overlapping, increasing regulatory requirements and greater dependence upon potentially insecure supply chains.

It presents an “AI-cyber paradox”, threat actors employ new technologies to widen the threat to potentially disrupt human safety, as cyber defenders race to employ the same technologies to strengthen barriers against such attacks. Future technologies such as quantum computing offer “unprecedented” opportunities to accelerate security – and risk.

The report concludes by highlighting that it is crucial for leaders to understand the cumulative impacts of this complexity on both organisational and national cybersecurity – and that the financial implications of a lack of cybersecurity measures should far outweigh the cost of implementing the measures.

Cyber in the headlines: state-affiliated threats dominate landscape
Against the backdrop of rising geopolitical tensions, reports highlighting the ever-increasing rate of cyberattacks – particularly from state-affiliated groups – have dominated sector headlines.

A report from Cyfirma focused on the sharp increase in frequency and severity of attacks from Russian-affiliated groups such as Sandworm and APT29 over the course of 2024, targeting key areas in the UK and NATO allies such as critical infrastructure, governmental and defence organisations, and supply chains.

At the same time, reports that Chinese state-affiliated Salt Typhoon hacker group carried out a series of high-profile attacks against US-based telecommunications companies has highlighted the possibility of similar attacks against UK equivalents.

The NCC Group’s analysis of cyber threats in the UK highlighted a rise in ransomware attacks which featured a “blurring of lines between criminal and state-sponsored activity”, making way for more “sophisticated” attacks from a range of actors. Over three-quarters of attacks affected organisations in Europe and North America, particularly against “industrials” sectors, with Akira acting as the most active threat and new ransomware strain Ymir emerging as a dominant player.

News of rising threats – or indeed from state-affiliated actors – may be nothing new, but recent reports taken together have indicated a refreshed awareness which we can expect to continue throughout this year; this is reflected by the NCSC’s Annual Review, and by the WEF’s Cybersecurity Outlook.

Industry Event |GovTech Show and Exhibition 2025: Public Sector Innovation and Transformation

The Royal Society of Medicine, London
19th March 2025, 9am – 5pm

CBN is delighted to offer our members an exclusive opportunity to join the Institute of Government & Public Policy for their upcoming GovTech and Exhibitor 2025 event.

In collaboration with Socitm, the Society for Innovation, Technology and Modernisation, the event will to reimagine how the public sector operates and serves citizens. It will tackle the barriers and challenges of transforming public services to meet demand head-on, and attendees will walk away with actionable insights on harnessing efficient, secure, and sustainable technology to deliver cost-effective, citizen-centric services.

Join IGPP in central London for an immersive journey where public sector professionals, policymakers, and the brightest minds in industry converge to explore the technological possibilities shaping the future of the UK public sector.

CBN is able to offer 20 exclusive free places to our members. If you are interested, register your place with sign up code: CLARITY100.

About CBN

Our new mission is to bring together cybersecurity companies to network, learn and debate across three key pillars — trade and export, policy, and market insights. Our members will be enabled to promote their cybersecurity expertise and capabilities, strategically engage with key stakeholders and develop lasting relationships in key verticals, in a wider effort to influence government policy and promote innovation in the sector.

The strategic direction of CBN is shaped by our Membership who benefit from increased brand exposure and engagement opportunities with key stakeholders in the cyber space, other key sector verticals, media, government and regulators.

Founded by Clarity

CBN Newsletter | December 2024

Our monthly update to bring you the relevant, high-level policy and business news from across the cyber sector.

This month, we provide an update on two significant announcements from the UK government, an insights piece from out CBN comms lead, and our usual policy and business news.

If you have any questions about the content, or believe we should add to our coverage, please do not hesitate to get in touch.

never miss a thing

Sign up for news and upcoming events

Headline News

UK hosts NATO Cyber Defence Conference
On 25th November, the UK’s Chancellor of the Duchy of Lancaster, Pat McFadden, addressed the second ever NATO Cyber Defence Conference at Lancaster House to highlight the threat of Russian aggression in cyberspace and announce the launch of a new security research lab.

McFadden said NATO members need to work together to strengthen their collective cybersecurity, and must “not underestimate” the threat Moscow – and other adversaries including Iran, North Korea, and China – poses in a “hidden war”, consistently targeting critical national infrastructure. He highlighted that, after 75 years, Western allies “need NATO more than ever”.

Further, the Chancellor, who oversees all national security and resilience for the UK, unveiled a new Laboratory for AI Security Research (LASR), in recognition that AI is “revolutionising” national security. The Lab, which has been set up in partnership between the UK Government, academia and the private sector, will also seek collaboration with allies including NATO and Five Eyes nations to help create better defence tools and organise intelligence.

Separately, NCSC CEO Richard Horne is expected to make is first major speech today (3rd December 2024) since starting the role in October to highlight that hostile activity in UK cyberspace has increased in “frequency, sophistication and intensity” from nation-state actors, including Russia and China, who want to cause maximum disruption. His speech also launches the NCSC’s eighth Annual Review, released today.

Chancellor calls out fraud in Mansion House speech
Rachel Reeves delivered her first Mansion House speech as Chancellor of the Exchequer on 14th November to unveil a strategy for driving economic growth, boosting private investment, and reforming financial services. Overall, her speech was centred on public investment, addressing domestic challenges, and enhancing the UK’s role in finance.

Notably, she also called on technology and telecommunications companies to go further in addressing fraud, alongside law enforcement and coordinated efforts across sectors, ahead of the upcoming fraud strategy expected in spring 2025.

The other frontline: UK Government recognition of cyber threats

Shortly after the Labour party came to power, the new Secretary of State for Science, Innovation and Technology Peter Kyle warned that Britain is “desperately exposed” to cyber threats and pushed for the new Cyber Security and Resilience (CSR) Bill to replace a previously expected AI Bill, in order to prioritise national security amid warnings from the NCSC of rising attacks on critical national infrastructure (CNI) organisations.

Fast forward a few months down the line and NCSC Head Richard Horne has cautioned that cyber risks facing the nation, particularly from nation-state actors including Russia and China, are “widely underestimated”. He went on to say that the UK “must improve” the defence and resilience of CNI, supply chains, the public sector and the wider economy.

Horne’s speech follows the message from Pat McFadden, Chancellor of the Duchy of Lancaster who, last week, highlighted the importance of international cooperation on cybersecurity at the NATO Cyber Defence Conference, and announced the launch of a new Laboratory for AI Security Research (LASR). In his speech, McFadden noted that the war in Ukraine “is also raging on another frontline, in cyberspace.”

Taken alongside the recent designation of data centres as CNI and a potential commitment to reform the Computer Misuse Act (CMA) it would seem that the UK government has a high regard for and strong focus on cyber – however, this recognition is clearly not enough, as recent high-profile attacks on NHS hospitals and Transport for London (TfL) publicly highlight the fragility of our networks, and reports on the vulnerability of SMEs crop up frequently.

As noted by the Times, there is “only so much the government can do”, particularly given the vulnerability of supply chains, yet it still bears the primary responsibility for our national security.

So outside of legislation, what is the role of government in shoring up the defences of UK businesses? How could it better capitalise on the potential of the British cyber ecosystem – is innovation and investment really prioritised, and is the procurement process fit for purpose?

CBN plans to look at these questions – and more – in 2025. We always welcome input from our members, so please get in touch with any thoughts!

If you have questions about how you can better communicate your services, ongoing media trend analysis or wish to engage with government affairs, please get in touch with the CBN team.

News updates

Policy and political

4th Republic of Korea-UK Cyber Dialogue held in London
The UK hosted the fourth Cyber Dialogue with the Republic of Korea, during which the two countries discussed a wide range of issues including threat deterrence strategies, private sector collaboration, cyber skills, and international cooperation.

NCSC updates

Cyber Security Toolkit for Boards: the NCSC has updated its Cyber Security Toolkit for Boards, now including a case study on the British Library’s ransomware attack that offers critical insights into cybersecurity vulnerabilities. The case study emphasises that senior management should be equipped with “cyber-risk awareness and expertise” to make informed strategic decisions that impact investment outcomes.
UK and allies warn of rising zero-day attacks: the NCSC and international partners in Australia, Canada, New Zealand and the United States have reported a surge in cyber attackers exploiting zero-day vulnerabilities, with most of the top 15 vulnerabilities in 2023 targeted before fixes were available. Organisations are urged to apply patches promptly, manage vulnerabilities effectively, and adopt secure-by-design principles to reduce risks.
Banishing malicious adverts: new guidance on digital advertising is designed to support businesses in choosing a “security-forward” partner, in order to increase public and commercial trust of the sector and allow businesses to protect revenue and reputation when advertising online.
Black Friday cyber fraud warning: UK cyber and law enforcement agencies have launched a 2-step verification campaign as they urged shoppers to protect themselves against online scams.

Business and industry

New UKRI-funded network to bolster UK’s cyber security research ecosystem
The Cyber Security Research and Networking Environment (CRANE) NetworkPlus, established by Oxford University’s Computer Science Department, has been awarded a £6 million investment from the UKRI Engineering and Physical Sciences Research Council (EPSRC).

Launching in 2025, the initiative aims to drive better cyber security across the economy and make businesses, charities, communities, and people more resilient against cyber threats.

UK retailers exposed to email fraud ahead of Black Friday
New research from cyber company Proofpoint reveals that 40% of top UK online retailers are not fully protecting customers from email fraud, leaving them vulnerable during the pre-festive shopping period.

The study found that only 60% of retailers have implemented Domain-based Message Authentication, Reporting and Conformance (DMARC) protection – an email authentication protocol designed to block fraudulent emails. While this is a slight improvement from 2023, many retailers still lack adequate security.

Amid holiday sales, the report urges consumers to use multi-factor authentication, avoid suspicious websites and verify deals to stay safe from phishing and fraud.

This report is based only on data collected by Proofpoint.

About CBN

Founded by Clarity