The UK is experiencing a sharp increase in cyber attacks, with the National Cyber Security Centre (NCSC) warning that cybersecurity has become a matter of national resilience. The NCSC’s Annual Review 2025 reveals that the organisation handled 204 nationally significant cyber incidents over the past year, which is more than double the 89 incidents managed the previous year.

In total, the NCSC responded to 429 incidents, including 18 categorised as “highly significant” due to their potential to disrupt essential national services such as energy networks, healthcare systems, and government operations. The findings highlight the urgency for organisations to design digital infrastructure, particularly data centres and cloud environments, with resilience incorporated from the start. The report identifies a 50 per cent year-on-year rise in major incidents, marking the third consecutive year of increased cyber activity.

Dr Richard Horne, Chief Executive of the NCSC, describes cybersecurity as “a matter of business survival and national resilience,” warning that every organisation must elevate cyber readiness to a board-level priority. While ransomware remains the most common form of attack, IoT and connectivity have increased the attack surface, as revealed by Toby Gasston, Principal Product Manager at Wireless Logic, which is based in Maidenhead.

Toby Gasston, Principal Product Manager at Wireless Logic, which is based in Maidenhead, commented: “The UK being under near-constant cyber-attack comes as no surprise. As industries digitise, their most critical functions increasingly depend on connected devices and IoT infrastructure. This growing reliance expands the threat surface and demands a new level of vigilance, along with recognition that it brings vulnerabilities which can no longer be ignored.” He noted that sectors such as energy, healthcare, and manufacturing are particularly exposed due to the integration of operational technology with IT systems. “With thousands or even millions of endpoints across supply chains, the challenge isn’t securing a single device but the entire network that connects them,” Toby added. “The way we think about IoT security must evolve from piecemeal protection to built-in resilience.”

London-based Dolores Saiz, CEO of cloud consultancy The Server Labs, stated that the findings underline the need for organisations to integrate security into every aspect of their infrastructure. “The 50% rise in cyber-attacks highlighted in the National Cyber Security Centre’s report is a stark reminder that no organisation is immune,” she said. “Security can’t be an afterthought or a reaction to a breach, it has to be engineered into the very fabric of every system, every process and every partnership.”

This local assessment aligns with global data showing rising cyber risk. The World Economic Forum’s Global Cybersecurity Outlook 2025 reports that 72 per cent of organisations worldwide have experienced an increase in cyber threats, with ransomware incidents surging by 46 per cent, driven by generative AI-enabled tools capable of automating phishing, credential theft, and data exfiltration.

Image source: LinkedIn