NCSC Urges Immediate Action to Build Cyber Resilience Amid Uncertainty

Summary
– NCSC director Paul Chichester stated that cybersecurity is harder than ever due to technological change, geopolitical uncertainty, and threat evolution.
– 77% of British organizations suffered a cyber incident in the past year, 11% above the European average.
– Key challenges include hyper connectivity, fast tech transformation, and the use of cyber as a tool for statecraft.
– Chichester advised reducing attack surfaces, addressing legacy systems, and implementing access controls like zero trust.
– He urged organizations to act now, conduct incident response exercises, and improve public-private collaboration.

Security teams must urgently strengthen collaboration and boost their cyber resilience to navigate an increasingly unpredictable threat environment, according to a senior figure at the UK’s top cybersecurity agency. Speaking at Infosecurity Europe on June 2, Paul Chichester, director of operations at the National Cyber Security Centre (NCSC), laid out his assessment of the current risk landscape and the steps organizations must take to manage it amid profound change.
Chichester, who has tracked the evolution of cybersecurity for more than thirty years, admitted that for the first time in his career, he is unsure what comes next. He attributed this uncertainty to a convergence of rapid technological change, geopolitical instability, and a shifting threat landscape. “It feels like there are a lot of dice and a lot of variables and we’re not predicting anything very well these days,” he said. “Professionally, things are harder than they’ve ever been.”
His remarks coincided with new research from ManageEngine showing that 77% of British organizations experienced a cyber incident in the past year, a rate 11% higher than the European average.
Chichester highlighted several familiar but pressing concerns for information security professionals. One is hyper connectivity, which he said is expanding so quickly that defenders struggle to track and manage every part of their IT estate. Another is the pace of technological transformation, which he predicted will drive major societal and civilizational shifts, generating even more uncertainty. “It’s quite a lonely place to be as a technology and security professional because we’re trying to slow things down,” he noted. “As technologists, that’s not what we want.”
He also warned about the growing use of cyber as an instrument of statecraft, both overt and covert. This ranges from the hybrid warfare tactics Russia employs in Ukraine to the transnational repression China directs at parts of its diaspora. Adding to these challenges is the increasing complexity of corporate IT. Codebases may now have lifespans of just weeks or months, applications rewrite themselves, and AI is disrupting everything. “How many people really understand their entire tech stack from apps down to the hardware?” Chichester asked the audience. “That’s hard. That uncertainty is something we’ll have to try and manage.”
Despite the grim outlook, Chichester offered reasons for optimism. He noted a growing acceptance within government of using offensive techniques to impose costs on adversaries. He also praised the forthcoming Cyber Security and Resilience Bill (CSRB), saying, “We’re really pleased about where the bill is ending up. We’re optimistic we’re setting some really powerful standards.”
However, he stressed that public-private sector collaboration will be essential. “Government can only do so much. It’s a collective endeavor,” Chichester said. “I really mean it this time. Now more than ever is the time to act. We have to work together.”
Even as threats evolve daily, Chichester emphasized that fundamental best practices remain effective. These include reducing the attack surface: “It’s hard to use a frontier AI model if you can’t get to the platform,” he explained. He also urged organizations to address legacy systems and shadow IT, noting that frontier AI can democratize high-performance penetration testing and red teaming for all organizations. Access controls are another priority, including zero trust approaches and identity management. “Identity is the root of everything going forward,” Chichester said.
Finally, he stressed the importance of incident preparedness before attacks occur. Running incident response exercises, particularly at the board level, can transform an organization’s ability to respond. “Uncertainty can be massively disabling and make you wait for certainty,” Chichester concluded. “But now is the time to be acting. You need to get match fit. We will be living in a completely different world as defenders. Don’t wait for certainty, because it’s never coming.”
(Source: Infosecurity Magazine)




