The United Kingdom’s National Cyber Security Centre (NCSC) has released its Annual Review for 2025. As in 2024, the report covers the UK’s cyber security position as well as the country’s readiness to deal with cyber threats. A copy of NCSC’s report is available here.
The Annual Review states that “it is time to act”. As this year has demonstrated, cyber security is critical to business longevity and success. The Annual Review summarises the key rising cyber threats over the last year, including:
Ransomware
Considering the high-profile cyber-attacks this year on British businesses, the NCSC believes that the most pressing cyber threat to the UK is ransomware. Despite law enforcement attempts to disrupt ransomware operations, threat actors’ use of ransomware continues to be prevalent, and the ransomware threat continues to diversify. This is especially true for UK critical national infrastructure.
AI
The NCSC draws out the risks associated with threat actors’ use of AI. In the last year, threat actors have used AI (including LLMs) to improve the efficiency and effectiveness of their cyber-attacks. This includes generating fully automated spear-phishing campaigns, taking over cloud-based LLMs and automating stages of a cyber-attack.
Nation state actors
As in previous years, the NCSC notes that the greatest nation state sponsored threats to the UK continue to emanate from China, Russia, Iran and North Korea.
In the last year, the NCSC received 429 reports of incidents requiring support from NCSC’s incident management team. “Nationally significant” incidents accounted for 48% of these incidents (these include categories 1 through to 3 listed here). “Highly significant” incidents (those that have a serious impact on central government, UK essential services, a large proportion of the UK population or the UK economy) accounted for 4% of all incidents, a 50% increase for the third consecutive year.
In addition to commenting on increased cyber threats, the NCSC has reiterated that cyber security needs to be a boardroom issue. In particular, the NCSC has reiterated that threat actors target vulnerabilities, not sectors, and as such every company that uses digital assets will be a potential target. The NCSC has flagged that a lack of preventative action is often explained by boards and companies not understanding:
- The likelihood of a cyber-attack occurring;
- The possible impact this could have on the business; and
- The ability to prevent (or recover from) a cyber-attack.
As such, much like in last year’s Annual Review, the NCSC believes that barriers to improving cyber resilience are not technical but are rather market and culture driven. The NCSC continues to call on companies and boards of directors to start viewing cyber security as a company-wide issue; “all business leaders need to take responsibility for their organisation’s cyber resilience”.
