Cyber Threats and Resilience

Cyber attacks are a persistent threat to the whole of society, and the threat landscape remains complex and evolving. 

Hostile actors include nation-states, organised crime groups, hacktivists and skilled individuals. Threat actors also have diverse motivations, from economic espionage and geopolitical objectives to financial gain or even just a sense of personal achievement. The types of cyber attacks are similarly diverse, ranging from ransomware to Distributed-Denial-of-Service attacks, cyber fraud and business email compromise. 

For victims, cyber threats lead to significant human cost. Financially motivated cybercrime disproportionately affects vulnerable people. Attacks like ransomware can regularly shut down small businesses, and hacking campaigns can paralyse the delivery of government social services.

The cyber resilience of critical national infrastructure and services is of paramount importance in maintaining national and economic security. However, raising cyber security and resilience standards across societies is an enduring challenge. 

Designing effective policy responses to the challenges posed by cyber threats requires insight into their impact on individuals, organisations and society. 

We work with threat intelligence partners to understand the threat, while exploring cyber risk management approaches that increase resilience by limiting the likelihood and impact of cyber incidents. These range from ways to identify systemic network vulnerabilities to securing supply chains, increasing vendor diversity, and improving incident response.