Nation-states want to cause harm, not just steal cash – stop handing your cyber defenses to the cheapest contractor

State-sponsored cyberattacks from Chinese intelligence and military agencies display “an eye-watering level of sophistication,” UK National Cyber Security Centre CEO Richard Horne is expected to say in a less-than-cheery opening speech to kick off its annual conference.

The NCSC has in previous years labelled the threat posed by China in cyberspace as “epoch-defining,” although Horne re-jiggered this description in his opening plenary at CYBERUK 2026.

According to a transcript of his speech shared with The Register ahead of time, Horne will tell delegates attending the Glasgow conference on Wednesday that China is no longer just a capable cyber threat, but thanks to its whole-of-state approach, it now represents “a peer competitor in cyberspace.”

In October, the UK cyber agency warned that it had handled an average of four nationally significant cyberattacks a week over the previous year, with state-linked threats from China, Russia, Iran, and North Korea remaining among its chief concerns.

The NCSC, alongside its partners like the National Protective Security Authority, says Russia is continuing to launch hybrid attacks against Britain and EU countries it considers hostile, all while using the techniques honed during the invasion of Ukraine.

The annual event comes weeks after reports that the UK is readying the nation – both in terms of its military and civilian population – for wartime.

Horne is to say: “We can’t know over the next ten years whether the UK will be in a state of conflict. But we do know that we must prepare for that eventuality. The Strategic Defence Review told us.

“We do know from conflicts around the world this last year that cyber operations are now integral to conflict, as much a reality of modern warfare as drones and missiles. And the scope of targeting is getting wider. The attacks on the Polish energy sector in December are a stark reminder of that reality, that cybersecurity is the home front.”

Cyber practitioners, such as those in the National Cyber Force, will continue to carry out offensive operations that “protect our nation, countering those who would do us harm,” according to the NCSC CEO.

Unlike ransomware, these attacks can damage critical national infrastructure, and they cannot be brushed away with a simple payment.

“Defending against that means every organization embedding cybersecurity into their corporate mission, ensuring they understand the full extent of risk they face, build defense in depth so that initial footholds by an attacker don’t result in catastrophic impact. And they can respond to remain operational and rebuild following a successful attack.

“We should already be at the point where paying ransoms in the face of destructive attacks simply doesn’t happen, with every organization ready for the day when paying their way out just isn’t an option.”

AI, obviously

Together with today’s geopolitics and the frontier artificial intelligence models on the horizon, the UK faces a period of “tumultuous uncertainty” that requires a significant shift in culture for cyber defense, the NCSC bigwig is expected to claim.

Horne will break no new ground on AI, though he will make the case for embracing it in defense before adversaries weaponize it for new forms of attack. His sharper point is that AI will act as a torch shone into the rot already baked into today’s software, exposing long-buried vulnerabilities and the shoddy security fundamentals too many in the industry have quietly tolerated.

“We must embrace it, secure it, and shape it.”

It is time for the “naïve” organizations not viewing their technology base “as core to their prosperity and security,” to drive this industry-wide change toward greater resilience, Horne argues.

“We cannot manage the risk in isolation. Our job is now to catalyze the change we need in our organizations – a cultural shift – so that everyone, whether they sit on the board or the IT help desk, knows that cybersecurity is part of their mission. That it is not just the responsibility of the few, but a shared mission – core to the purpose of every organization.

“Driving that cultural shift demands that we think differently, with greater diversity of skills, minds, and backgrounds, for us as a community to be bold, to make the case for cyber security and resilience as a strategic investment. Not a cost to be minimized.”

It’s a message the NCSC might usefully stencil onto the foreheads of every CIO who has ever convinced themselves that outsourcing security to the lowest bidder counts as a strategy. That arrangement tends to look considerably less clever when the wolves are at the door — and the wolves Horne has in mind are not your garden-variety ransomware crews with an eye on a quick payday.

Nation-state cyber baddies want something far harder to recover than money: your infrastructure, your secrets, your leverage. You don’t get those back with a wire transfer. ®
