Set against the backdrop of the Strategic Defence Review, the Industrial Strategy and the upcoming National Cyber Strategy refresh, the event addressed the security questions we face at both a local and national level. This blog outlines some of the key themes that emerged from this year’s discussion.
A year of escalating threat
We started with a review of the evolving cyber landscape. 2025 proved to be a testing year in cyber security and we reflected on the public discourse in the UK about pre-war phases. These themes are making the defence and cyber mission feel more acute than ever.
The persistent activities of state-sponsored actors – ranging from espionage campaigns and intelligence collection to targeted sector attacks and social engineering – was keenly felt. Domestically, the distinction between cybercrime and state threats became increasingly blurred.
It was noted that Critical National Infrastructure remained a prime target of attackers, along with several major UK brands. Our speaker highlighted how the scale and expense of such attacks underlined the need to regard cyber resilience as fundamental to economic stability as well as national security.
In terms of specific attack types, ransomware continued to cause significant disruption. While the volume of attacks remained broadly level, the harms have increased as societal dependence on technology continued to grow. What’s more, criminals became more adept at using AI to identify vulnerabilities and calibrate ransom demands.
Given this threat landscape, it was suggested that meeting the resilience demanded by the Strategic Defence Review will require us to think differently. We must re-examine how digital, data and cyber work together to unlock capacity and ruthlessly tackle complexity, while accelerating digital transformation in the public and private sectors to meet the scale and pace of adversary operations.
AI’s growing role in the cyber mission
No cyber event would be complete without a session on AI. At the Cyber Forum, we addressed the dual nature of Artificial Intelligence in cyber security – which presents both opportunities and complex challenges. Attackers are already using AI to increase the speed and scale of their operations and sidestep defences, putting the onus on defenders to respond.
For example, we need to build multi-talented teams comprising technical, legal and security expertise to navigate the complexities AI presents and help reduce risk. Transparency and explainability were highlighted as critical pillars, along with a need to demonstrate the process from input to output. Governance structures are essential to build trust in AI systems, ensuring we can rigorously test models and provide visibility into decision-making.
International collaboration and ethics were also highlighted as crucial topics. Panellists discussed the differing objectives and approaches of nation states in the development and use of AI, and the need for consensus among Western democracies as to a responsible approach.
The UK’s efforts in international engagements, such as through the Bletchley AI Summit, were acknowledged with the caveat that there’s more we could be doing.
The conclusion of the panel was that, while AI has the potential to drive significant economic gains and national advantage, only coordinated effort between government and industry will secure this advantage.
Driving adoption and resilience
One of the day’s panel sessions focused on the challenge of shifting the dial on the adoption of cyber practices within Defence and CNI. In Defence, it was suggested that engineers still view today’s complex platforms through a traditional engineering lens, rather than acknowledging the digital complexity at their core – often overlooking cyber security. Similarly, legacy technologies in sectors like rail present barriers to secure-by-design approaches, where attempts to retrofit cyber combined with ongoing technical updates end up introducing unanticipated vulnerabilities.
To address this, the panellists identified several steps to take. These included taking the time to understand the interconnected nature of systems, mainstreaming cyber into board level discussions and thinking, and positioning cyber credentials as a badge of honour rather than a prescriptive requirement.
Combined, these steps could have a major impact on driving cyber adoption and resilience across UK industry.
Enabling growth through cyber
A healthy UK cyber sector is vital for national resilience. However, challenges persist in helping SMEs establish themselves. One issue raised was a potential priority gap between government and industry, with SMEs in particular focused on securing revenue as opposed to fostering international relations.
The discussion also highlighted the need for a new "growth leader" role to coordinate action across industry and government; an evolution of the lapsed UK Cyber Ambassador role. This role could be invaluable in supporting startups to reach export markets and navigate international regulations, while at the same time fostering growth domestically by driving coordinated action across the cyber industry.
Again, the theme of culture appeared. It was suggested that the potential consequences of cyber incidents could be used as a motivating factor to drive investment. Also proposed was the need to shift the perception of cyber security from a niche IT concern to a fundamental business necessity, supplemented by a more inclusive and relatable approach to discussing cyber security focused on the notions of safety and assurance.
Key takeaways
As we reflect on the insights from the 2025 Cyber Forum, several key takeaways emerged that will help us collectively respond to the cyber threat.
- Threat intent and capability has shifted: Adversaries now target the functional integrity of critical systems, not just the data, and are increasingly leveraging AI. We must move from reactive response to proactive defence.
- Collaboration is non-negotiable: We need better mechanisms for "one to many" information sharing between government and industry to support rapid situational awareness.
- Culture must change: Cyber security must be viewed as a collective responsibility and a board-level discussion, integrated into core decision-making like any other business risk.
- SMEs need support: We must make it easier for smaller companies to access domestic and international opportunities, while helping them understand how to invest effectively in security so they can innovate without fear.
- Innovation requires speed: Being on a pre-war footing, speed of response is critical. We need to foster a culture of rapid innovation and technological adoption with cyber resilience embedded from the outset.
At BAE Systems Digital Intelligence, we remain committed to facilitating open collaboration, advancing practical solutions and supporting the ecosystem as we confront the challenges of 2026 together. Through clarity, partnership and a shared sense of assurance, we can continue to strengthen the UK's cyber posture in a rapidly changing environment.
Learn more about strategic challenges in cyberspace
Subscribe to The Digital Thread to get the latest news and updates straight to your inbox