THE UK's National Cyber Security Centre (NCSC) reported that 75% of cyber incidents affecting critical infrastructure in the UK during the past year stemmed from nation-state actors, primarily Russia, China, and Iran. In a speech delivered by CEO Richard Horne, he highlighted that over 200 incidents were noted from June 2025 to May 2026. He categorized cyber threats into three spaces: 'far' (monitoring adversaries), 'mid' (exploitation of shared digital infrastructure), and 'near' (targeted organizational systems).
Horne emphasized that cybersecurity should be viewed as an ongoing contest rather than a mere risk management issue, urging organizations to continually invest in security. Experts pointed out the need for addressing knowledge gaps between IT and operational technology in critical sectors, as well as the risks posed by legacy systems and AI-driven attacks, foreseeing that many existing vulnerabilities will likely be exploited in future conflicts. Horne's warnings showcase the urgent need for strategic advancements and collaborative efforts in cybersecurity.