CBN Newsletter | August 2025

Our monthly update to bring you the relevant, high-level policy and business news from across the cyber sector. 

This month, we take a look at the Government’s overview of submissions to the Ransomware Consultation, Government Resilience Action Plan, and a raft of other public and private sector announcements.

If you have any questions about the content, or believe we should add to our coverage, please do not hesitate to get in touch. 

never miss a thing

Sign Up to Hear about News and events

Sign up

Headlines

Consultation response: Ransomware

Following on from the consultation in the Spring, Ransomware: proposals to increase incident reporting and reduce payments to criminals, the Home Office has published an overview of submissions and its response. 

Overall, the feedback on the proposals was “positive and constructive”, and the Government intends to move forward with all three of its proposals, bringing in legislation around this.  

• Proposal 1: targeted ban on CNI operators: CNI operators would be banned from making ransomware payments.
• Proposal 2: a new ransomware payment prevention regime: for businesses not included in the CNI ban.
• Proposal 3: an incident reporting regime: a new mandatory, threshold-based incident reporting regime.

The Government has promised to publish “detailed guidance” before new reporting obligations come into force, as concerns from the NCA and other groups remain that these proposals may not have the deterrent effect the Government is hoping for. A representative from RUSI noted that the ransomware ban might not have the desired effect of deterring criminals from attacking UK CNI, and in fact make it harder for businesses to recover; he also called for more resources for the NCSC and NCA to cope with the increase in reporting.  

In addition, the Home Office is also reviewing the Computer Misuse Act (1990) and an update to this may be introduced alongside ransomware legislation. 

Research conducted by Commvault has found that 75% of UK business leaders would risk criminal charges and break a ransomware payment ban if it applied to the private sector. The study, which surveyed leaders from companies valued at over £100 million, interestingly also revealed that 96% believe such payments should be banned across both the public and private sectors.

Government Resilience Action Plan

The Cabinet Office has published its new “Government Resilience Action Plan”, outlining a strategic approach to enhancing the nation’s preparedness against various complex risks, including pandemics, cyber-attacks, climate change, and geopolitical instability.

The plan revolves around three main objectives: firstly, to continuously assess risks and resilience through improved data-sharing and science-based analysis; secondly, to promote whole-of-society engagement by providing communities, businesses, and critical infrastructure with enhanced tools and training; and thirdly, to fortify public sector systems through clearer roles, stronger local leadership, and independent oversight.

The plan mentions a commitment to build a new Cyber Resilience Index (CRI) to provide a cross-sector, holistic overview of cyber resilience for UK CNI to target resilience building efforts, as well as the Home Office’s work to progress their ransomware proposals and the upcoming Cyber Security and Resilience Bill (no specific date given). 

If you would like to get involved in our work or have questions, please contact us at secretariat@cb-network.org.

Insights

CBN Supports New Roadmap for UK Cyber Workforce Development

A new whitepaper from the East Midlands Cyber Security Cluster, supported by the All-Party Parliamentary Group (APPG) for Cyber Innovation, sets out a roadmap to address the UK’s ongoing cyber workforce challenges. The Cybersecurity Business Network (CBN), as Secretariat to the APPG, supported the drafting and publication of this report, including the foreword and recommendations to Government.

Authored by Dr Ismini Vasileiou , the report explains the need for a UK-wide cyber skills taxonomy. It highlights that the current landscape is fragmented, with too many frameworks, inconsistent job descriptions, and a persistent gap between what education provides and what industry needs.The report explains the need for a UK-wide cyber skills taxonomy. It highlights that the current landscape is fragmented, with too many frameworks, inconsistent job descriptions, and a persistent gap between what education provides and what industry needs.

Some of the main recommendations are: a DSIT-led taskforce to create a national taxonomy for cyber skills; a national body to manage this taxonomy; steps to encourage employer adoption of skills-based recruitment; better alignment between education and real-world cyber jobs; and national support for regional cyber skills programmes.

For cyber businesses, this unified approach would make hiring and developing talent clearer and more consistent. It would also help inform training and qualifications, improve diversity in the sector, and ensure the workforce can keep pace with new threats, especially as technology changes.

CBN looks forward to working further with the East Midlands Cluster and the APPG for Cyber Innovation to take this work forward in the autumn. We encourage our members to get involved with this effort as we look to help shape the future of the UK cyber workforce.

Policy and Political

Update on M&S and Co-Op cyber attacks 

The House of Commons Committee on Business and Trade’s Sub-Committee on Economic Security, Arms and Export Controls heard a series of evidence sessions, which looked at the UK’s wider economic security, with particular lines of questioning revolving around the recent attacks. 

In the first session, representatives from the Blavatnik School of Government highlighted that evolving cyber threats now include the risk of large-scale disruption to critical services. NCC Group emphasised the increasing risk from the convergence of state and criminal cyber actors and underlined the value of strong public-private partnerships, and RUSI suggested that mandatory cyber incident reporting and improvements in cyber insurance would strengthen national cyber resilience.

The second session, with senior representatives from the NCA, City of London Police, and the NCSC, focused on the UK’s ability to respond to growing cyber threats and the challenges faced by both public and private sectors. Representatives also underlined the increasing complexity and scale of cyber threats, and stressed the need for improved basic cyber hygiene, collaborative incident response, and stronger international cooperation to keep pace with a rapidly evolving threat landscape.

Finally, in response to the recent cyber attacks faced by their companies, the representatives from Marks & Spencers (M&S) emphasised the importance of a rapid counter-response, board-level focus and improved Government coordination, as well as investment in IT and cybersecurity modernisation.Representatives from Co-Op also argued that layered cyber defences, crisis planning and industry-wide collaboration on cyber resilience were valuable assets to limit the impact of cyber attacks and prevent ransomware deployment.

Government ministers responded to the committee inquiry largely in agreement, with a strong consensus that coordinated action across departments, robust risk assessment, and close collaboration with business, especially in supporting SMEs and critical sectors was necessary whilst acknowledging that public-private partnership and whole-of-society engagement must evolve to meet rapidly changing threats.

The NCA said two 19-year-old men, a 17-year-old boy and a 20-year-old woman had been apprehended in connection with the attacks, on suspicion of breaching the Computer Misuse Act, blackmail, money laundering and joining the activities of organised crime. 

Defence Committee publish report on “grey zone” threats 

The Defence Committee has published its latest report, “Defence in the Grey Zone”, which examines how the UK is dealing with threats that fall below the level of armed conflict. These threats include sabotage, espionage, cyber-attacks and disinformation.

The report highlights a sharp rise in cyber-attacks targeting the UK, particularly from hostile states such as Russia. The Ministry of Defence (MOD) and the National Cyber Security Centre (NCSC) have seen significant increases in the number and sophistication of attacks.

A key concern is the vulnerability of critical national infrastructure (CNI), such as undersea data cables and energy pipelines. The report notes that disruption to these systems could have a major impact on the UK’s economy and society.

The Committee found that many cyber threats exploit the weakest links in the digital supply chain. This includes public and private organisations that support defence, such as contractors and service providers; a recent example is a breach involving armed forces payroll data held by a contractor. The report also stressed  the need for a “whole of society” approach to resilience. It encourages the MOD to work with other Government departments, alongside industry, education institutions and communities to raise awareness of cyber threats and improve preparedness.

Key recommendations

• The MOD should expand its capabilities to deter and defend against cyber threats, including to critical infrastructure.
• The MOD should review how it protects all digital networks it relies on and report on progress within a year.
• The MOD should set out a plan to increase recruitment and retention of cyber skills, including partnerships with private sector experts.
• The government should consider establishing a dedicated minister to oversee homeland security and resilience, including cybersecurity.

CBN members who  would like to discuss the findings further are encouraged to contact secretariat@cb-network.org.

NCSC updates

• NCSC technical attribution of Russian cyber espionage (APT 28): The NCSC attributes the sophisticated malware AUTHENTIC ANTICS to Russian group APT 28, used for long-term access to Microsoft cloud accounts. The UK has sanctioned related GRU units and individuals, urging stronger cyber defences against ongoing Russian threats.
• NCSC alert on Microsoft SharePoint vulnerability: The NCSC urges immediate patching of on-premises SharePoint Servers due to active attacks exploiting a critical vulnerability (CVE-2025-53770). Apply Microsoft’s updates and follow additional security steps to protect your systems.
• NCSC guidance on tech-facilitated domestic abuse: The NCSC offers practical advice and workshops for practitioners supporting victims of technology-enabled domestic abuse, helping prevent digital monitoring and harassment.

Parliamentary questions

This month, members raised questions around data breaches of legal aid providers, civil contingency planning around CNI cyber attacks in Northern Ireland, maintaining common cyber standards with international partners. Members of the House of Lords raised questions on state-backed cyber attacks, the vulnerability of Government digital systems against cyber, and a question on the Afghanistan data loss incident.

Business & Industry

BBC Panorama report highlights the rising threat of ransomware attacks 

A recent BBC Panorama documentary explores how ransomware attacks continue to pose a significant threat to UK businesses, with incidents leading to severe operational disruption and, in some cases, business closure. 

The NCSC and NCA report a rising frequency and sophistication of such attacks, driven by both organised crime and individuals employing social engineering techniques. The current absence of mandatory reporting means the real extent of the issue may be underrepresented, and officials emphasise the growing national security risk posed by ransomware, noting the need for improved baseline cyber hygiene, organisational resilience, and consideration of further regulatory measures.

Cybersecurity professionals under increasing pressure from complex risks

A recent Bitsight report finds that UK cybersecurity leaders are under increasing pressure from complex risks, higher board expectations, and new compliance demands. While UK organisations are more likely than their global peers to monitor third-party cyber risks, few are able to turn this data into practical intelligence that informs decision-making or board discussions. 

Only a minority of firms have mature, well-aligned cyber risk management programmes, and compliance remains a low priority even as new rules come into force. Burnout amongst UK cybersecurity professionals remains high, with 59% of professionals reporting stress or exhaustion, and more than half of firms struggle to communicate cyber risks in terms the board understands. The report highlights a growing gap between monitoring activity and the ability to use that information to strengthen resilience and meet business goals.

Greater appetite amongst reinsurers to explore cyber-based diversification strategies 

Despite a recent series of international cyber-attacks targeting retail, the European cyber insurance market has maintained lower premiums, broad availability of cover, and more favourable terms for buyers. According to industry commentary, these incidents have not resulted in claim volumes or losses large enough to prompt a shift towards a harder market, and a significant systemic event would be needed to change current market conditions.

Softer market conditions in both primary insurance and reinsurance are prompting more reinsurers in 2025 to explore diversification strategies, with a particular focus on emerging risks such as cyber. The cyber insurance market is being identified as a key growth area as traditional lines see supply beginning to outpace demand. The evolving nature of cyber risk, limited historical loss data, and ongoing uncertainty over risk accumulation present a complex landscape for reinsurers. 

Events

Invitation: West Yorkshire ICB Distinguished Lecture Series

CBN members are invited to take part in the new West Yorkshire Integrated Care Board Distinguished Lecture Series. 

This programme, delivered in partnership with the West Yorkshire Innovation Hub, will run over the next year and feature expert speakers from the UK and abroad. Topics will include digital health, data-driven innovation, and technology in care.

Why attend?

• Hear from leading voices in digital healthcare.
• Learn about real-world uses of digital tools and AI.
• Build your confidence in supporting digital change.
• Connect with others interested in digital transformation.

Who can join?
The series is open to all staff across West Yorkshire’s health and care system, including digital and non-digital professionals, provider organisations, the VCSE sector, social care staff, and universities.

Register for the first session:
Click here to book your place

Feel free to share this invitation with colleagues. We hope you can join and benefit from these insightful events.

Invitation: Parliament & Cyber Conference 2025 – Sponsorship and Registration Now Open

CBN is hosting the inaugural Parliament & Cyber Conference on 24th November 2025 in the Houses of Parliament, Westminster. 

This event will bring together senior executives, parliamentarians, policymakers, and sector leaders to collaborate on the future of cyber resilience, innovation, and growth in the UK.

Why Attend?

• Join over 150 senior delegates from government, industry, academia, and NGOs.
• Hear keynote speeches from leading ministers and cyber experts.
• Take part in interactive panels and focused breakout sessions on emerging technology, policy, and sector growth.
• Network with key decision-makers shaping the UK’s cyber security landscape.

Sponsorship Opportunities
Sponsoring the Parliament & Cyber Conference places your organisation at the centre of vital cyber policy conversations. Sponsors benefit from:

• High-profile visibility and branding
• Speaking opportunities and panel participation
• Strategic networking with leaders and policymakers
• A sponsor booth in the networking area

Registration – priority for full members
Due to limited capacity, registration is open to all but will prioritise full CBN members and event sponsors. To secure your place, please register your interest using the link provided. Multiple attendees from your organisation may be registered, but all emails are required.

Non-members and associate members are welcome to register but will be placed on a waiting list. To ensure your spot, consider upgrading to full membership or becoming an event sponsor.

Register your interest now to take part in the UK’s premier cyber security conference and help shape the future of national resilience.

For registration and sponsorship enquiries, please contact: Krystian@cb-network.org

About CBN

The Cybersecurity Business Network is a coalition of leading UK-based organisations committed to strengthening the nation’s cyber resilience, fostering innovation and supporting economic growth. Through collaboration and knowledge sharing, we empower our members to drive growth and set standards for excellence across the UK cyber sector.

As a member-led network, our ambition is to serve as the unified voice of the UK cyber industry, championing its interests, amplifying its potential, advocating for greater engagement and support from government, media, and the wider business community.

Membership to CBN is free for all cybersecurity organisations. If you are interested to hear more about CBN or want to become a member, then please reach out to secretariat@cb-network.org for more info.