Seven key takeaways from the NCSC Annual Review 2024

The National Cyber Security Centre’s (NCSC) Annual Review 2024 offers a comprehensive overview of the UK’s cybersecurity landscape. This year’s report is a mixed bag for the industry. On the one hand, significant progress has been made in areas such as threat prevention. On the other, persistent challenges remain, and the report underscores the urgent need for collective action to tackle the most pervasive threats.

Here’s what you need to know, supported by key statistics and expert insights from the review.

1. Ransomware remains the most immediate threat

Unsurprisingly, ransomware remains high on the NCSC’s agenda. Attacks like the one on Synnovis, which disrupted NHS services and delayed thousands of medical procedures, demonstrate the deep impact of ransomware. 

The review highlights the increasing sophistication of these attacks, with industrial control systems now a key target.

"Ransomware remains the most significant, serious, and organised cybercrime threat faced by the UK," the NCSC emphasised.

Key stat: The NCSC managed 20 ransomware incidents in 2024, 13 of which were classified as nationally significant—up from 10 in 2023.

Takeaway

Proactive resilience is essential. Adopting frameworks like Cyber Essentials can significantly reduce vulnerabilities to ransomware, as shown by the 92% reduction in insurance claims for certified organisations.

2. Nation-state threats escalate

The geopolitical landscape is amplifying cyber threats, with Russia, China, and North Korea leading state-sponsored campaigns. China, in particular, has been identified as a persistent actor targeting critical infrastructure for espionage and potential disruption.

"China state-affiliated actors routinely seek access to networks globally, targeting critical national infrastructure for espionage and disruptive purposes," warns the review.

Key stat: In 2024, the NCSC issued 1,957 cyber attack alerts, including 89 nationally significant incidents—a sharp rise from 62 the previous year.

Takeaway

The alignment of public and private sector defences is critical to counter sophisticated, state-sponsored attacks.

3. Artificial intelligence: A dual challenge

AI is reshaping cybersecurity, offering both threats and opportunities. While cybercriminals are using AI for precision reconnaissance and social engineering, defenders are harnessing AI to automate detection and improve response times.

"Generative AI will make it harder for defenders to identify social engineering attacks without the development of new mitigations," the NCSC noted.

Key stat: AI-driven tools have significantly narrowed the time between vulnerability discovery and exploitation, heightening the need for real-time defences.

Takeaway

Although cybercriminals appear to have the edge in AI at the moment, it doesn’t have to be this way. As the technology develops, organisations should explore AI-enhanced cybersecurity solutions to match adversaries’ growing capabilities.

4. Cyber Essentials: A proven solution

The Cyber Essentials scheme continues to demonstrate its value as a foundational framework for organisational security. Now in its tenth year, the programme has helped thousands of businesses mitigate common cyber threats.

"Cyber Essentials is a proven baseline that guards against the most common cyber attacks while signalling to customers that businesses take security seriously," the review stated.

Key stats: Organisations with Cyber Essentials are 92% less likely to claim on cyber insurance policies.

Over 33,000 Cyber Essentials certifications were issued in 2024, a 20% increase on the previous year.

Takeaway

Businesses of all sizes should prioritise achieving Cyber Essentials certification to protect themselves and build customer trust.

5. Securing democracy: Election protection

The NCSC played a pivotal role in safeguarding the 2024 UK General Election, implementing pre-emptive measures to secure infrastructure and provide tailored cyber support to high-risk individuals.

"The general election was delivered smoothly and securely, with no major incidents impacting the outcome," the review confirmed.

Key stat: Over 50% of the bespoke alerts issued by the NCSC in 2024 related to pre-ransomware activity, enabling organisations to act before attacks could escalate.

Takeaway

Critical events require tailored cybersecurity strategies to pre-empt threats and ensure operational continuity.

6. The role of legislation in resilience

The Cyber Security and Resilience Bill, expected to become law this year, will expand regulatory protections, enhance reporting requirements, and enforce stronger accountability across digital supply chains.

"The bill is a crucial step toward hardening the UK’s defences against sophisticated cyber threats," the NCSC stated.

Key stat: Over 70% of organisations in the NCSC’s trust groups have adopted Early Warning services to enhance preparedness.

Takeaway

Organisations must prepare to comply with stricter regulatory requirements, especially in critical infrastructure sectors.

7. Systemic market challenges

The NCSC highlights a critical gap in how technology markets prioritise security. Basic safeguards like multi-factor authentication are often treated as premium features rather than standard offerings.

"We must build a future where products are secure, private, resilient, and accessible to all," the review advocates.

Key stat: Memory safety vulnerabilities remain one of the most prevalent causes of breaches, exacerbated by insufficient adoption of secure-by-design principles.

Takeaway

Industry and regulators must champion secure-by-design principles to address systemic vulnerabilities and improve resilience.

What is the key takeaway?

Above all, the NCSC’s Annual Review is a stark reminder that, from small businesses to national infrastructure, the UK’s cyber resilience requires urgent attention. That might sound like a gargantuan task. However, in reality, all it requires is that everyone pitches in. 

"Improving resilience is not a technical challenge—it’s a matter of urgency and leadership," the review concludes.

Whether you’re an SME or part of a critical national sector, the time to act is now. Adopt frameworks, collaborate with trusted partners, and embed security into your operations. Together, we can close the resilience gap and create a safer digital future.

Want to know more about the threats facing small businesses like yours? Check out our latest research, The SME Mobile Threat Report.