Bosses of the UK’s leading companies have been urged to take action to protect themselves from cyber attacks, with the security minister warning they are not a question of if but when.
Dan Jarvis has written to the CEOs of the UK’s largest 350 companies, warning them of the threat posed by hackers.
It comes as the number of major incidents hit a record level, and follows household names such as Marks and Spencer, Co-op and Jaguar Land Rover being targeted.
The joint letter, signed by Jarvis, as well as the chancellor, the business, and the technology secretary, as well as the heads of the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA), "implored" business leaders to take cybersecurity more seriously in the wake of a spate of recent high-profile attacks.
Speaking on Tuesday morning at the NCSC’s annual review of the UK’s cybersecurity, Jarvis described future cyber attacks as "more complex and more intense than ever before", as he called on companies and citizens to do more to protect themselves.
"Businesses cannot be protected by government alone," Jarvis said.
"For too long, cybersecurity has been a concern of the middle management and only gets escalated to the seniors in a crisis.
"It’s not a case of if, it’s about being prepared for when that attack happens."
His warning comes as the NCSC published its annual review into the UK’s cybersecurity on Tuesday.
The report revealed a 50% rise in cyber attacks, and warned that Chinese and Russian hackers pose a "significant threat" to the UK’s security.
The NCSC confirmed there had been 204 “nationally significant” attacks in the year to the end of August 2025, up from 89 in the previous year, increasing by more than half.
The NCSC’s annual review said: “State actors continue to present a significant threat to UK and global cyber security, aided by an evolving cyber intrusion sector."
It called Russia a "capable and irresponsible threat actor in cyberspace", while also warning about the danger posed by pro-Russian "hacktivist" groups operating outside formal state control.
The report also said that China was a “highly sophisticated and capable threat actor, targeting a wide range of sectors and institutions across the globe, including the UK”.
It warned that hackers, including those with links to Beijing, were using artificial intelligence to improve the potency of their attacks.
The NCSC report comes at a time when the potential threat from China is under renewed focus after the collapse of an alleged spying trial.
