What the NCSC 2025 Review Means for UK Organisations

A Stronger Focus on National Cyber Resilience 

Launched yesterday, the NCSC Annual Review 2025 makes it clear that cyber security is now a shared national priority. The report outlines an expanding threat landscape, continued growth in Active Cyber Defence initiatives, and the urgent need to design resilience into critical systems. 

This year’s review sets a clear direction for every organisation, from public sector bodies to manufacturers and retailers. True resilience is no longer about avoiding incidents but about ensuring that, when they occur, disruption is limited and recovery is swift.

 

The Threat Landscape: Volume, Sophistication and Impact 

The NCSC dealt with over 200 nationally significant incidents in the last year, including 18 categorised as highly significant. This marks a 50% increase compared to the previous year. These attacks affected businesses, public services and infrastructure across the UK. 

The NCSC highlights a shift in attacker behaviour. Threats are now driven by a mix of state-sponsored campaigns, financially motivated groups and supply chain compromises. The review underlines that the effects of these attacks are no longer limited to data or systems; they have real-world consequences for operations, reputation and the economy. 

As the report states, “cyber attacks no longer just affect computers and data, but real business, real products and real lives.” This reality aligns with what we see across our clients. The impact of a major cyber event is immediate and wide-ranging, with downtime and loss of trust being the biggest risks to recovery. 

 

Active Cyber Defence: Preventing Attacks at Scale 

The Active Cyber Defence (ACD) programme remains one of the NCSC’s most successful initiatives. Over the past year, it has blocked billions of phishing attempts and removed thousands of malicious websites. ACD tools such as Mail Check, Web Check and the Takedown Service help organisations identify weaknesses and stop attackers before they cause harm. 

This year’s review highlights how automation and data sharing are helping the NCSC protect more organisations by default. That same principle drives much of our work at e2e-assure. Automation supports faster detection and response, while collaboration across the cyber community ensures that new threats are shared and neutralised quickly. 

The ACD programme demonstrates the value of shared defence. When data, insight and action are combined, the overall security of the UK improves. For both public and private organisations, taking advantage of ACD services is a key step towards a more secure digital environment. 

 

Engineering Resilience Against Critical Loss 

One of the strongest messages from this year’s review is the need to engineer resilience against critical loss. The NCSC emphasises that recovery planning should not be an afterthought, but a core design principle for every organisation. 

The report points out that the organisations which recover most effectively are those that have prepared for disruption in advance. This includes having offline backups, tested recovery playbooks and segregated systems. 

At e2e-assure, we have seen the value of this approach first-hand. The JLR incident earlier this year, which halted production and caused significant disruption, illustrates the cost of insufficient resilience. Businesses that plan for continuity through layered defences, regular testing and visibility across assets are better able to recover quickly. 

Engineering resilience is about more than technology. It requires visibility, preparedness and speed: 

  1. Visibility – knowing which assets are critical and where vulnerabilities exist (which can be aided by built-in tools, such as our MS Teams app).
  2. Preparedness – testing recovery regularly, not only during audits (and conducting tabletop exercises to test your provisions).
  3. Speed – shortening the time it takes to detect, contain and recover (in some cases, our customers have experienced a turnaround in just 20 minutes).

These principles help organisations reduce the risk of critical loss and maintain trust in their services. 

 

Collaboration and Shared Responsibility 

The NCSC Annual Review 2025 also highlights the growing need for collaboration. No single organisation can manage cyber risk alone. Programmes such as the Cyber Advisor Scheme and Cyber Governance Training for boards show how leadership awareness is becoming central to national resilience. 

Managed security providers have a vital role to play in supporting this shift. At e2e-assure, we focus on helping organisations strengthen detection and response capabilities while aligning with NCSC guidance and broader UK cyber resilience objectives such as NIS2, CAF 4.0 and the Cyber Resilience Bill. 

 

Time to Act: Building the Foundations of Resilience 

The overarching message from the NCSC is clear: it is time for action.

The scale and frequency of cyber incidents will continue to rise, but critical loss can be prevented through preparation, collaboration and strong engineering principles. 

Resilience is not achieved through technology alone. It is built through culture, planning and shared intelligence. At e2e-assure, we are committed to helping organisations build that resilience, reduce risk and recover faster when incidents occur. 
