never miss a thing
Sign up for news and upcoming events
CBN Newsletter | March 2026
Our monthly update bringing you the relevant, high-level policy and business news from across the cyber sector.
This month, we examine the heightened threat against UK businesses following the outbreak of conflict in Iran, as well as reviewing the government’s new ‘lock the door’ strategy, and analysing the market impact of new AI cybersecurity tools.
If you have any questions about the content, or believe we should add to our coverage, please do not hesitate to get in touch.
Headlines
NCSC warns UK organisations over heightened Iranian cyber threat
The National Cyber Security Centre (NCSC) has issued a warning to UK businesses, urging them to prepare for heightened risk from Iranian cyber attacks following Britain’s defensive support for US-Israeli military action against Iran.
The NCSC has urged all UK organisations, particularly those with assets, operations or supply chains in the Middle East, to urgently review and strengthen their cyber defences. While Iran is currently experiencing internet outages as part of their wider communications blackout, the NCSC says state-sponsored hacking groups retain the capability to conduct cyber operations against the UK.
Iran’s Islamic Revolutionary Guard Corps (IRGC) has long used both state-backed hackers and aligned ‘hacktivist’ groups to target Western interests, including attempts to disrupt or deface websites linked to US and Israeli businesses, and to run online influence and misinformation campaigns – such as an Iranian-backed campaign around Scottish independence, as reported by The Telegraph earlier this year.
This is against the backdrop of a larger history of cyber operations in the conflict between the US, Israel and Iran, including the infamous ‘Stuxnet’ virus that targeted Iranian nuclear centrifuges at the Natanz nuclear enrichment facility, which was uncovered in early 2010.
The NCSC is calling on UK companies, especially those with a significant presence in Gulf hubs such as Dubai and Abu Dhabi, to remain on high alert and act now to improve their cyber resilience.
New government campaign urges SMEs to ‘lock the door’ on cyber criminals
The UK government has launched a new cyber security campaign aimed at helping small and medium-sized businesses protect themselves from common online threats, amid rising costs to the economy estimated at £14.7 billion a year.
Half of UK small firms have reported suffering a cyber breach or attack in the past 12 months, with significant incidents costing an average of £195,000, according to the government’s 2025 Cyber Breaches Survey.
The campaign, led by the Department for Science, Innovation and Technology (DSIT) and the National Cyber Security Centre (NCSC), promotes the Cyber Essentials scheme, a government-backed standard that helps organisations put basic protections in place.
Cyber Essentials focuses on five key controls: firewalls, secure configuration, software updates, user access control and malware protection. According to government statistics, organisations compliant to Cyber Essentials made 92% fewer cyber insurance claims last year.
Targeted particularly at SMEs, the campaign will run across social media, podcasts, radio and business networks, directing firms to practical, free tools including the Cyber Essentials Readiness Tool, free 30‑minute consultations with NCSC‑assured advisors, and access to the Cyber Essentials question set.
Government and NCSC leaders stressed that cyber risk is now a core business risk, urging companies of all sizes to adopt baseline protections to safeguard jobs, growth and critical services.
Cyber Security and Resilience Bill completes committee stage
On the 3rd March, the committee stage of the Cyber Security and Resilience Bill concluded, following weeks of debate and industry evidence, including the evidence submitted by CBN to the Bill Committee.
The committee stage hearings on the Cyber Security and Resilience Bill brought together regulators, public bodies, industry and academia to scrutinise the government’s flagship cyber legislation to significantly expand and update the existing Network and Information Systems (NIS) framework.
While there is broad agreement that the Bill is a positive step towards strengthening resilience in vulnerable sectors, witnesses raised concerns about scope, legal clarity and the potential burden on smaller firms.
Throughout the committee stage, industry voices called for clearer definitions and legal certainty throughout the Bill as it sought to expand the scope of NIS to cover data centres, large load controllers and managed service providers, and introduced a new five-step test to designate ‘critical suppliers’.
Critics warned that heavy reliance on secondary legislation to define thresholds risks creating an ambiguous and costly compliance environment, particularly for SMEs, as well as pressing for more impact-based thresholds, and highlighted the need for a single, consolidated incident reporting portal.
You can find CBN’s summary of insights from the Committee Stage in the following article.
While the committee stage has concluded with few amendments adopted to calm industry concerns, greater scrutiny and examination of the Bill is expected as it progresses to Report Stage in the House of Commons, before being sent to the Lords’ to undergo further debate.
The date of the Bill’s Report Stage has yet to be announced. If you have any questions about the Cyber Security and Resilience Bill, feel free to get in touch at secretariat@cb-network.org.
Policy & Political
UK steps up action against foreign interference in universities and politics
The UK government has announced new measures to strengthen protections against hostile state interference aimed at universities and the political system.
Senior leaders from more than 70 universities attended a high-level security briefing led by MI5 Director General Sir Ken McCallum and NCSC CEO Richard Horne, focused on how foreign states seek to shape or censor research and teaching – and how institutions can resist and report such activity. A separate briefing was also held for officials from all UK political parties.
Backed by £3 million in new funding, the new measures introduce the ‘Academic Interference Reporting Route’, offering senior university staff a direct channel to raise concerns with government and the security services, plus a planned proactive advisory service, updated guidance, and training to help staff and students understand and respond to threats.
Security Minister Dan Jarvis reinforced the importance of tough action on foreign interference, stating that the UK must be “clear-eyed that our world-class universities and democratic processes are being targeted by states who want to undermine our way of life”.
In addition to the new measures, The Department for Education will also consult the wider sector on the design of a new proactive advisory service, alongside further guidance and training.
Northern Ireland Secretary visits Queens University Belfast’s Centre for Secure Information Technologies
On the 24th February, Secretary of State for Northern Ireland Matthew Patrick visited Queen’s University Belfast’s Centre for Secure Information Technologies (CSIT) and the Cyber-AI Hub to see how its research is advancing cyber security in areas such as secure hardware, critical national infrastructure protection and trustworthy AI.
Professor Paul Miller led the Secretary of State tour of CSIT’s state-of-the-art facilities, showcasing collaborative R&D with NI-based cyber firms on AI-enabled security and securing AI itself. PhD researchers presented lightning talks on their projects, while engineers demonstrated in-house adversarial AI defence technologies.
The visit served to demonstrate the importance of the cyber industry to the regional economy, as the 2025 NI Cyber Security Sector Snapshot identified over 2,750 cyber security roles in Northern Ireland and an estimated £258 million contribution to the local economy. The report underscored the importance of CSIT’s Cyber-AI Hub in driving collaboration and innovation.
NCSC Updates
- Alert: NCSC advises UK organisations to take action following conflict in the Middle East: NCSC has issued an alert advising UK-based organisations to review their current cybersecurity parameters following the outbreak of conflict in the Middle East. While there is no current significant change in the direct cyber threat from Iran to the UK, this assessment may be subject to change due to the fast-evolving nature of the conflict.
- Improving your response to vulnerability management: Based on the methods from a research paper published by NCSC describing methods to assess ‘forgivable’ vs ‘unforgivable’ vulnerabilities, this blog post offers tips for vulnerability researchers, developers and UK organisations to increase the efficacy of their cyber vulnerability management.
- Can you help the NCSC with the next phase of EASM research: Following the conclusion of the first phase of research into attack surface management (ASM), NCSC has announced the next phase of their research looking into external attack surface management (EASM), and is reaching out to the widest possible range of organisations that utilise currently EASM to get involved.
- Exploitation of Cisco Catalyst SD-WAN: NCSC has issued a warning around malicious cyber threat actors that target Cisco’s Catalyst Software Defined Wide Area Networks (SD-WAN) used by organisations globally. NCSC has worked with it’s global partners to issue a Hunt Guide to assist in detection and threat hunting activities.
Business & Industry
New AI tools rattle cybersecurity stocks amid fears over disrupted business models
Cybersecurity stocks fell sharply in late February as investors reacted to the release of new AI-powered security tools that could challenge traditional cybersecurity offerings.
The market-wide sell-off followed Anthropic’s limited research preview of a new Claude-based security tool that can scan software code for vulnerabilities and suggest fixes, with further enterprise product announcements expected.
Major sector leaders including CrowdStrike and Zscaler dropped around 10%, Netskope and Tenable fell about 12%, while Okta, SailPoint, SentinelOne, Fortinet and Palo Alto Networks also lost ground.
Industry executives pushed back against the market’s reaction, arguing that AI code-scanning tools remain a cutting-edge innovation, but not a replacement for full-scale, ‘battle-tested’ security platforms. This comes as AI-powered security platforms continue to divide expert opinion
Government releases the results of fifth wave results from Cyber Security Longitudinal survey:
The government has released the fifth wave of results from its Longitudinal Survey on Cyber Security, showing that while incidents remain high, general cyber resilience measures do appear to be improving across industries and organisations.
The study tracked how UK organisation’s cyber practices, policies and investments are changing over time, combining survey data from 2021–2025 with in‑depth qualitative interviews.
The results show that incidents are still widespread: 82% of businesses and 77% of charities experienced a cyber incident in the latest wave, with over half of organisations (54%) reported a similar incident experience across both time points measured.
Adherence to NCSC’s Cyber Essentials program has risen significantly since the previous wave, with 30% of businesses now compliant (up from 23%) and 28% of charities (up from 19%). Organisations were also more likely over time to adhere to at least one recognised standard (Cyber Essentials, Cyber Essentials Plus or ISO 27001).
Supplier security remained an issue, with the data showing that medium-sized businesses and charities were less likely over time to formally assess cyber security of suppliers. UK organisations have been urged to assess the security of their critical suppliers as the threat of supply chain attacks continues to increase.
Events
Join CyberSummit 2026 – Turning Cyber Threats into Resilience and Growth
Senior leaders from across the UK cyber ecosystem will come together on Tuesday 23 June 2026 for CBN’s inaugural CyberSummit.
Held at Bird & Bird, 12 New Fetter Lane, London EC4A 1JP, this full‑day forum (10:00–17:00, followed by networking) will bring together 100+ senior figures including policymakers, government representatives, CISOs and C‑suite executives from critical sectors such as health, finance, energy, telecoms and insurance.
The summit will move beyond threat awareness to focus on tangible, layered resilience strategies, structured around four core themes:
- Threats to UK Business & CNI: State-sponsored attacks, ransomware, and supply chain risk
- Strengthening Organisational Resilience: Building adaptive, human‑centric security cultures
- Innovation, Opportunity & Growth: Showcasing UK cyber excellence and routes to commercialisation
- Advocacy & Policy: Ensuring industry has a strong voice in future UK cyber legislation
Open to CBN members, C‑suite leaders, technology heads and senior public sector representatives, CyberSummit 2026 is your chance to help shape a more resilient and prosperous digital future for the UK.
Please see more details about the CyberSummit here.
If you have any questions about CyberSummit or any upcoming events, feel free to get in touch at secretariat@cb-network.org.
About CBN
The Cybersecurity Business Network is a coalition of leading UK-based organisations committed to strengthening the nation’s cyber resilience, fostering innovation and supporting economic growth. Through collaboration and knowledge sharing, we empower our members to drive growth and set standards for excellence across the UK cyber sector.
As a member-led network, our ambition is to serve as the unified voice of the UK cyber industry, championing its interests, amplifying its potential, advocating for greater engagement and support from government, media, and the wider business community.
If you are interested to hear more about CBN or want to become a member, then please reach out to secretariat@cb-network.org for more info.