Kamran Balayev is an international legal and policy expert, business leader, and former London mayoral candidate.
Cyberattacks are no longer occasional disruptions; they are structural risks to modern economies. According to the National Cyber Security Centre (NCSC), “highly significant” cyber-incidents in the United Kingdom rose by more than 50 per cent over the past year, with several serious attacks now occurring each week.
Even the best-defended networks can be breached. The question is no longer whether Britain can stop every attack, but how quickly it can recover.
The disruption of a major UK manufacturer – halting production and costing the economy an estimated £1.9 billion – revealed how a single digital failure can ripple across supply chains. The next crisis may not come from financial contagion or energy shocks, but from a Digital Black Swan: a sudden breakdown of digital infrastructure capable of paralysing services and eroding public confidence within hours.
Yet are we truly discussing this risk at the level it deserves?
Are Parliament and government giving it sustained attention?
Are MPs and mayors prepared?
And is the public aware of the dangers that could unfold in a single night of digital silence?
Britain’s cyber strategy has long focused on defence – patching systems, securing networks and deterring hostile actors. Yet resilience – the ability to continue operating when defences fail – is equally vital.
The NCSC now urges organisations to embed recovery planning, awareness and crisis rehearsal into their daily routines. These discussions must reach beyond technical teams to Parliament, political parties and local government.
Organisations that perform best in real incidents are those that have mapped critical systems, rehearsed fallbacks and practised response scenarios. Resilience is no longer a specialist concern; it is the basis of national continuity.
According to the Allianz Risk Barometer 2024, cyber-incidents are now the top global business risk. The World Economic Forum estimates that cybercrime will cause more than US $10 trillion in annual losses by 2025 – roughly the size of the world’s third-largest economy.
In the UK, the Government’s Cyber Security Breaches Survey 2024 found that 22 per cent of businesses suffered cybercrime last year, rising to 45 per cent of medium-sized and 58 per cent of large firms. The lesson is clear: economic security now depends on digital security.
As markets and insurers begin pricing cyber-risk into valuations, the integrity of a nation’s digital infrastructure has become a measure of financial stability. But data alone are not enough. MPs must be armed with knowledge; understanding cyber risk not only in corporate terms but as a matter of national strategy and geopolitical competition.
Despite progress, governance still lags behind exposure. Too many boards, councils and departments lack the strategic expertise to manage digital threats.
The Cyber Governance Code of Practice advises boards to treat cyber risk alongside audit and finance. But this cannot remain a boardroom exercise. Every MP should understand what a Digital Black Swan could mean for the country, and every mayor must ensure the city he or she governs can withstand a major cyberattack.
Preparedness must become part of Britain’s political culture – a shared commitment to openness, transparency and coordination between government, business and citizens. Information sharing strengthens everyone’s defences; secrecy only weakens them.
Artificial intelligence is reshaping both offence and defence. It strengthens detection but also equips adversaries to generate deepfakes, realistic phishing campaigns and autonomous intrusions.
Analysts expect a sharp rise in AI-assisted attacks from both state and non-state actors. The boundary between cybercrime and digital warfare is blurring. Resilience now requires not just cybersecurity, but data integrity, trusted supply chains and redundancy in computing capacity. A single failure in semiconductors or cloud services could trigger economic disruption as severe as an oil crisis once did.
Britain enters this era with genuine strengths. GCHQ and the NCSC remain world leaders in threat intelligence and coordination. Frameworks such as Cyber Essentials and the Cyber Assessment Framework provide practical standards for every organisation. The Government’s work on AI safety and global partnerships shows that Britain can shape international norms for responsible digital governance.
But capability alone does not guarantee resilience. Openness does. A culture where organisations report breaches early, collaborate across sectors and learn collectively builds a stronger national fabric than isolated excellence.
That culture must extend beyond the private sector and into Parliament, where every MP recognises the stakes; into local government, where mayors safeguard civic systems; and across society, where digital awareness becomes a shared civic habit.
In cyberspace, secrecy breeds fragility; transparency breeds strength.
Britain’s digital strategy should rest on three enduring principles: security, speed and sovereignty.
Security means ensuring that every part of the national system – from local councils to global corporations – maintains strong protection and rehearses for disruption. Speed demands institutions that evolve faster than emerging threats. And sovereignty means retaining control over the data, computing power and semiconductor supply chains that underpin our economy and independence.
Together, these principles define a resilient digital Britain. One that protects its people, leads by example and remains in command of its future.
Cyber shocks are inevitable; only their scale is uncertain.
When networks fail and screens go dark, nations that endure will be those that have practised, prepared and built the confidence to stand back up. Britain must be that nation.
Other countries should be able to look to London as the centre of global coordination against cybercrime – a city that sets standards, convenes partners and perhaps even establishes an Interpol for the digital era.
Such leadership would make London not only a financial capital but also the nerve centre of global cyber governance: where law, innovation and security meet.
For Britain, that is sovereignty in the digital age. Not invulnerability, but resilience – and leadership that endures when others falter.
