Cyber-attacks are becoming more frequent and severe, posing a greater risk to British organizations and the public, warned the UK’s National Cyber Security Centre (NCSC) in its latest Annual Review. The report, published on December 3, shows that the NCSC’s Incident Management (IM) team has intervened 430 times out of the 1957 cyber-incident reports it received over the past year, exceeding the 371 needing the agency’s involvement in 2023. Of these incidents, 89 were nationally significant, including 12 critical incidents – a threefold increase compared to last year.

Source: UK’s National Cyber Security Centre

Additionally, the IM team issued 542 bespoke notifications to UK organizations experiencing a cyber incident in 2024, over twice as many as the 258 bespoke notifications issued last year. New NCSC Chief Urges Stronger Cyber Defenses Richard Horne, NCSC’s new CEO, is expected to give his first-ever public speech in the role at an Annual Review launch event in London on December 3. “What has struck me more forcefully than anything else since taking the helm at the NCSC is the clearly widening gap between the exposure and threat we face and the defenses that are in place to protect us,” he said in prepared remarks released ahead of the event, underscoring the urgent need for stronger cyber defenses and increased collaboration to address escalating threats. “And what is equally clear to me is that we all need to increase the pace we are working at to keep ahead of our adversaries.” Horne believes most UK organizations, public and private, and the general public, are “widely underestimating” the country's cyber threats. “We need all organizations, public and private, to see cybersecurity as both an essential foundation for their operations and a driver for growth. To view cybersecurity not just as a ‘necessary evil’ or compliance function, but as a business investment, a catalyst for innovation and an integral part of achieving their purpose.” He is expected to announce that during his time in office, the NCSC will focus on translating previous NCSC guidance and frameworks into practice.

"Defense and resilience of critical infrastructure, supply chains, the public sector and [the UK's] wider economy must improve." Richard Horne, CEO, NCSC