Four ‘nationally significant’ cyber attacks a week should be setting alarm bells ringing.

Listen to this article

That’s the reality in the UK, according to the National Cyber Security Centre. This level of threat is becoming dangerously normalised at an already testing time for national security.

We also don't yet fully understand the potential impact of AI in cyber attacks, as we have (so far) only seen edge attacks using adversarial AI to probe for known software weaknesses or generative AI to impersonate people in legal or financial transactions.

The need for resilience affects the entire country; it’s about ensuring that hospitals can access patient data, businesses keep trading, and the economy grows.

With geopolitical tensions rising and conflict escalating, the likelihood of large-scale cyberattacks is increasing.

The UK Government’s response is the new Cyber Security and Resilience Bill, nearing its report stage in Parliament - one of the final hurdles before becoming law.

It raises the bar significantly, forcing organisations to know exactly where their critical data sits and who controls it, meet the much stricter two-band 24-hour and 72-hour reporting deadlines for data breaches, and face fines of up to £17m or 4% of global turnover if they fail to rapidly resolve serious issues.

The Government is signalling that cyber resilience is no longer optional. Treating cyber attacks as an everyday hazard is not just wishful thinking, as we have already seen the reality of major disruption and impact in leading UK brands. Legislation is one of the impactful ways forward, but this alone won’t fix the problem.

While many UK businesses accept that data breaches are a question of when, not if, too many organisations are devoting all of their time and resources to the prevention of attacks, with rapid response and recovery an afterthought.

Businesses and public services must move beyond the illusion of a perfect prevention solution and ensure they have cyber resilience so that when attacks do happen, disruption is measured in hours, not days.

Our economy cannot afford further high-profile incidents, where disruption ripples through entire supply chains and brings major businesses to a standstill.

Cyber resilience has shifted from an IT issue to a real test of national readiness. It is the difference between keeping the country running and watching it grind to a halt.

Transport systems, telecoms networks and the power grid are vital national resources in the 21st century. The Bill raises the stakes and awareness of collective responsibility, but also focuses minds on the scale of the challenge ahead.

The UK’s entrepreneurs, business leaders, and technical experts will need to strike a careful balance of maintaining competitiveness and innovation with cyber resilience in order to grow our economy amid evolving threats.

Alex McMullan serves as Chief Technology Officer, International at Everpure

LBC Opinion provides a platform for diverse opinions on current affairs and matters of public interest.

The views expressed are those of the authors and do not necessarily reflect the official LBC position.

To contact us email opinion@lbc.co.uk

© LBC