Paul Jeffries

The UK Cyber Team is in Warsaw for the European Cybersecurity Challenge 2025 👩‍💻      It’s bringing together top young talent from 38 countries for challenges in cryptography, forensics and a live attack and defence simulation.      This government funded team delivered with the SANS Institute will showcase advanced skills and solidify the country’s commitment to producing future cyber professionals with exciting careers. 

142

4 Comments

Today we published the government's 🇬🇧 UK Cyber Security Sectoral Analysis 2025. It shows another year of very strong growth for the UK cyber sector: ⬆️ Sector revenue up by 12% ⬆️ Gross Value Added (GVA) up by 21% ⬆️ Employment up by 11% The UK cyber sector is a consistent high performer and we have been measuring this performance since 2017. The compound annual growth rate for sector revenue works out at 13%. While venture capital investment has not grown this year, investors surveyed remain bullish and there has been significant other investment activity in the UK market including mergers, acquisitions, loan and equity funding. https://lnkd.in/ea_fMdez Department for Science, Innovation and Technology / techUK / CyberFirst / National Cyber Security Centre / Plexal Cyber / UK Cyber Security Council / UKC3 - UK Cyber Cluster Collaboration / Cyber Security Academic Startup Programme

123

#CyberAlert | Foundations for OT cyber security We have joined international partners to release guidance for owners and operators on foundations for operational technology cyber security and asset inventory. Read it here: https://lnkd.in/esEEhNFc

54

3 Comments

🖥CyberRise Yorkshire has announced the launch of a new programme to transform the way cybersecurity is taught and experienced in schools to encourage more girls into careers in the industry.  ⌨Led by Sheffield Hallam University and supported by partners in education, academia, and industry, the project has secured funding from Innovate UK, with co-funding from the Department for Science, Innovation and Technology (DSIT) through the Cyber Local Programme. Read more here👇 https://lnkd.in/ehccDbSi

48

4 Comments

*** 𝗖𝗣𝗗𝗣 𝗖𝗼𝗻𝗳𝗲𝗿𝗲𝗻𝗰𝗲 𝟮𝟬𝟮𝟱 *** First day of an insightful week at Computers, Privacy and Data Protection (CPDP) Conference as the EDPS actively engages in discussions on a range of key topics, from the evolving landscape of AI to combatting spyware and enhancing vulnerability management. Today, we had the opportunity to discuss: 𝗔𝗜'𝘀 𝗜𝗺𝗽𝗮𝗰𝘁 𝗼𝗻 𝗙𝘂𝗻𝗱𝗮𝗺𝗲𝗻𝘁𝗮𝗹 𝗥𝗶𝗴𝗵𝘁𝘀 Supervisor, Wojciech Wiewiorowski, shared his insights in a panel organised by the European Union Agency for Fundamental Rights titled "𝘈𝘴𝘴𝘦𝘴𝘴𝘪𝘯𝘨 𝘍𝘶𝘯𝘥𝘢𝘮𝘦𝘯𝘵𝘢𝘭 𝘙𝘪𝘨𝘩𝘵𝘴 𝘙𝘪𝘴𝘬𝘴 𝘰𝘧 𝘈𝘐: 𝘖𝘱𝘱𝘰𝘳𝘵𝘶𝘯𝘪𝘵𝘪𝘦𝘴 𝘢𝘯𝘥 𝘊𝘩𝘢𝘭𝘭𝘦𝘯𝘨𝘦𝘴 𝘈𝘩𝘦𝘢𝘥". The discussion focused on navigating the delicate balance between leveraging AI for societal benefits and safeguarding fundamental rights. In his intervention, the Supervisor spoke about the AI Act reinforcing the protection of fundamental rights, including the right to data protection, by requiring every high-risk AI system to undergo a prior identification and analysis of known and reasonably foreseeable risks to fundamental rights, and mandates the adoption of appropriate measures to mitigate any such risks. “The AI Act complements existing regulatory frameworks, therefore its implementation raises a number of challenges, in terms of interplay and possible overlapping - he said. Cooperation is the key word. The multiplication of regulatory frameworks is a response to the development of new technologies, which have profound implications on our societies, for better or for worse. Their effective implementation requires a close and strong cooperation among all stakeholders. At the EU level, we have launched the Digital Clearinghouse 2.0 to foster collaboration among competent authorities. 𝗦𝘁𝗿𝗲𝗻𝗴𝘁𝗵𝗲𝗻𝗶𝗻𝗴 𝗖𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆: 𝗖𝗼𝗺𝗯𝗮𝘁𝗶𝗻𝗴 𝗦𝗽𝘆𝘄𝗮𝗿𝗲 Anna Buchta, Head of Policy and Consultation Unit, contributed to the Society for Civil Rights panel discussion "𝘊𝘭𝘰𝘴𝘪𝘯𝘨 𝘵𝘩𝘦 𝘋𝘪𝘨𝘪𝘵𝘢𝘭 𝘉𝘢𝘤𝘬𝘥𝘰𝘰𝘳: 𝘚𝘵𝘳𝘦𝘯𝘨𝘵𝘩𝘦𝘯𝘪𝘯𝘨 𝘝𝘶𝘭𝘯𝘦𝘳𝘢𝘣𝘪𝘭𝘪𝘵𝘺 𝘔𝘢𝘯𝘢𝘨𝘦𝘮𝘦𝘯𝘵 𝘵𝘰 𝘊𝘰𝘮𝘣𝘢𝘵 𝘚𝘱𝘺𝘸𝘢𝘳𝘦." The panel addressed critical strategies to enhance cybersecurity measures and protect against the threat of spyware. 𝗘𝗻𝗳𝗼𝗿𝗰𝗶𝗻𝗴 𝗗𝗮𝘁𝗮 𝗣𝗿𝗼𝘁𝗲𝗰𝘁𝗶𝗼𝗻 𝗶𝗻 𝗔𝗜 Fanny Coudert, Deputy Head of Supervision and Enforcement Unit, moderated the EDPS panel "𝘕𝘢𝘷𝘪𝘨𝘢𝘵𝘪𝘯𝘨 𝘙𝘦𝘨𝘶𝘭𝘢𝘵𝘰𝘳𝘺 𝘊𝘰𝘮𝘱𝘭𝘦𝘹𝘪𝘵𝘪𝘦𝘴: 𝘌𝘯𝘧𝘰𝘳𝘤𝘪𝘯𝘨 𝘋𝘢𝘵𝘢 𝘗𝘳𝘰𝘵𝘦𝘤𝘵𝘪𝘰𝘯 𝘪𝘯 𝘵𝘩𝘦 𝘍𝘪𝘦𝘭𝘥 𝘰𝘧 𝘈𝘐". This session explored the challenges and solutions to ensure robust data protection in the fast-paced world of AI development. Follow us to stay up to date on Day 2 of #CPDP25!

49

1 Comment

BREAKING: Middlesbrough Council has allocated £25,000 to cyber security for the next 12 months - safeguarding £300 million in public funds, services, and citizen data. That’s 0.0083% of annual turnover. Or £0.11 per resident. Or roughly the cost of a mid-range firewall and a motivational poster about password hygiene. In an era of ransomware-as-a-service, AI-driven fraud, and cascading supply chain breaches, this is a bold gesture - not toward resilience, but toward plausible deniability. What does £25,000 buy you in 2025? • A phishing simulation, two awareness emails, and a laminated “Think Before You Click” sign • A procurement trail proving “something was done” • A future FOI response that reads: “Cyber security measures were in place at the time.” Obviously tongue in cheek, as hopefully they’ve allocated more budget and resources toward cyber security than this, but it got my attention anyway. :) #CyberSecurity #LocalGovernment #DigitalRisk #SymbolicSpending #Middlesbrough #PublicSectorPriorities #Procurement #Accountability #LinkedInIrony

204

82 Comments

Today marks the official launch of our new strategic collaboration with Cyber Unit Technologies - CyberUnit.Tech bringing Ukraine’s battle-proven resilience and next-generation technology to strengthen and safeguard corporate Britain and the wider public sector. In alignment with the UK-Ukraine 100-Year Partnership, Prevail Partners is proud to deliver the Unit Range platform: a UK-compliant, ready-to-deploy cyber defence solution that responds directly to the urgent call for enhanced digital security across the public and private sectors. A battle-proven cyber resilience platform developed in live conflict and refined against state-level attacks, Unit Range enables UK organisations to test, train and build real-world readiness against the full spectrum of modern cyber threats. This partnership unites unparalleled operational experience and technical capability, enabling UK organisations to confront modern threats with the same technology trusted on the digital frontlines of Ukraine. For more information please read our press release: https://zurl.co/DSlfn #UKUkraine #CyberResilience #SecurityInnovation #StrategicPartnership #UnitRange #PrevailPartners

52

❗New Research - Cyber Security in CNI 2025❗ At last week's CNI Cyber Security Summit, we launched our annual research looking at the top cyber threats, trends and challenges facing UK CNI organisations in 2025. Now in it's fifth consecutive year, the research surveyed over 600 respondents across critical sectors. Some of our key findings were: 👉95% of organisations surveyed have experienced a data breach 👉41% of CNI organisations rank data protection as one of their biggest security challenges. 👉37% of CNI organisations have experienced costs in excess of £500,001 due to ransomware Read more ➡️ https://lnkd.in/eC8ceFsQ #CNIResearch2025 #CyberSecurity

28

1 Comment

Only 48% of UK businesses undertook a formal cyber security audit and review in the past 12 months according to the NCSC Cyber Security breaches survey 2025. Following the recent high profile cyber attacks on UK businesses, it is now more important than ever before for organisations to undertake an in depth review of their cyber security posture. In our recent Executive Briefing Series video Glen Williams (CEO - Cyberfort) and Emily Rees (CFO – Cyberfort) discussed the importance of cyber security audits and why they are crucial for organisations who want to define and understand their cyber risk profiles. Watch the clip below to find out more or click here to watch the full Executive Briefing Series video - https://lnkd.in/g3h5gAas At Cyberfort our NCSC assured consultants work with businesses and public sector organisations to audit and review their data, people, policies, processes and infrastructure against NCSC best practices. To find out more about Cyberfort Cyber Resilience Audit and Review services click here - https://lnkd.in/eX5_Bea6 #cyber #cybersecurity #cyberresilience #cyberaudits #cyberreview #cyberrisk #riskmanagement #cybergovernance

37

1 Comment

Pat McFadden MP, Chancellor of the Duchy of Lancaster and Minister for Intergovernmental Relations, speaking at the opening Plenary at #CYBERUK25 about growing cyber threats, AI risks and the need for global partnerships to lead in cyber security.

151

4 Comments

UK Cyber Security & Resilience Bill: Are You Ready? Big changes are coming for organisations connected to the UK’s Critical National Infrastructure (CNI). The Government’s upcoming Cyber Security and Resilience Bill, set to be introduced later this year, will reshape cyber regulation across CNI and its supply chains. The Bill will: ✅ Expand the scope of NIS regulations ✅ Strengthen supply chain security ✅ Introduce tougher security and incident reporting duties ✅ Grant new oversight powers to regulators   Managed service providers, large data centres, and critical suppliers will be among those newly in scope - with significant implications for compliance and risk management. Non-compliance could lead to increased scrutiny, new oversight fees, and heightened regulatory intervention. Now is the time to prepare.   Read our blog “Navigating the UK Cyber Security and Resilience Bill” by Julian Brown from NCC Group to understand what’s changing and how to prepare.   🔗 https://bit.ly/44W95k1   #UKCyberResilience #CNI #NISRegulations #CyberCompliance #NIS2

53

JLR (Jaguar Land Rover) will restart production October 1st, having been shutdown for a month due to a ransomware attack that has been claimed by Scattered-Lapsus$-Hunters. I have talked about #ScatteredSpider before and the way they launch their attacks with very successful social engineering techniques. I've seen their type of attacks firsthand with two customers of mine. The attacker call into a registrar's office, or the business office, and they are very effective at getting an end user to allow the attacker on their machine. They use built in tools that do not trigger top tier MDR tools, like Crowdstrike, so alerts do not fire. What can you do? Train your users, teach them about these new kinds of attacks. Change your protocols for changing passwords, make sure your users know to verify who is contacting them. Your users are not the problem; they are the target. Put in protective layers around your users because that is who the attacker's target. Train them to spot the attackers and know that they can safely report these kinds of social engineering attacks. #cybersecurity #CISO #ransomware #risk #awareness #training

28

21 Comments

As a Delivery Partner for the National Cyber Security Centre's Assured Cyber Incident Response (Level 2) scheme, we are sharing the latest changes to the scheme, including: 🖊️ The Cyber Incident Response Scheme (Level 2) is now called the Cyber Incident Response Standard Level ✅ There is now a prerequisite for all companies to successfully join, and remain members of, the Cyber Incident Response scheme at the Standard Level, before applying to join at the Enhanced Level as an Assured Service Provider Find out more about the changes here https://lnkd.in/epufx9VQ

40

Are you concerned about AI powered phishing attacks? 83% of UK CNI organisations said they are.    We surveyed over 600 of the UK’s cyber security leaders across critical national infrastructure (CNI) to uncover their views on the current threat landscape, their cyber maturity, and areas they need to improve in.     Link in comments 👇   #CNIResearch2025 #CyberSecurity Lauren Powell

44

1 Comment