NCSC ANNUAL REVIEW 2025
When awareness becomes resilience: lessons from the NCSC Annual Review 2025
The review reveals a surge in cyber incidents and stresses that true resilience requires treating employee awareness and culture as strategic, not just technical, defenses.

Insights and actions for your organisation
The NCSC’s Annual Review 2025 paints a clear picture of where the UK stands on cyber resilience, and it’s a wake-up call. Serious cyber incidents have more than doubled in just one year, with 429 handled between September 2024 and August 2025. Of those, nearly half were classed as ‘nationally significant’.
To help organisations take action, we’ve summarised the 32-page report into a short article and created a free downloadable checklist that focuses on the human side of cyber attacks and what organisations can do to maximise resilience.
Download our NCSC Annual Review summary & checklist
Fill out the form to get the latest findings. What's included:
- A summary of the NCSC Annual Review focusing on trends seen across human risk
- An actionable checklist to help you review and boost resilience based on the latest findings
Next steps for organisations
The NCSC recommends a shift in mindset, from compliance to culture. Some key actions stand out:
- Elevate cyber awareness into a strategic initiative, not a checkbox.
- Create a culture of open reporting and learning, without scrutiny, fear of embarrassment or punishment.
- Embed accountability at senior levels.
- Integrate awareness with technical measures like MFA and identity monitoring.
- Measure progress using frameworks, such as the Cyber Assessment Framework.
With new regulation on the horizon, including the Cyber Security & Resilience Bill, organisations will soon need to demonstrate maturity, not just claim that they have it. Proof of culture, awareness and governance will be as important as technical defences.
Join the thousands of organisations transforming their cyber culture and boosting resilience with Boxphish
Phishing simulations
Send ready-made templates, or create your own, to employees in a matter of minutes and track the results within our reporting suite.
Should an employee accidentally click on a simulated phishing attack, we offer educational landing pages that contain top tips on how to spot the next one. For organisations looking to benchmark their susceptibility, we also offer the option of a 404-error page, so employees do not know they have been ‘phished’.
By working closely with a leading email security partner that secures over two million endpoints globally, we gain real-time insight into phishing trends. This enables us to keep our library up to date and to educate on the latest threats.
Training content
Enrol your employees onto automated learning journeys that deliver regular video-based training that is simple to understand and easy to digest. A short quiz follows every 3- to 5-minute training video, prompting employees to put into practice what they have learnt, an approach proven to maximise information retention.
Our training content is NCSC Assured and follows best-practice cyber advice released by the National Cyber Security Centre.
Our training modules cover the full breadth of cyber awareness topics including, but not limited to, ‘how to spot phishing’, ‘malware’ and ‘staying safe online’, through to ‘social engineering’, ‘GDPR’ and ‘data privacy’.

Dark web scanning
Usernames and passwords leaked by third-party applications are a classic method used by criminals to gain access to organisational systems. Whether it’s through direct logins to cloud providers or internet-accessible RDP services, there are numerous ways attackers have found to use leaked credentials to cause damage to organisations. Even when 2FA has been deployed, simply presenting valid credentials to legacy protocols and APIs frequently results in successful remote access or data theft.
Gain access to a leading platform that constantly monitors and inspects information originating from data breaches across the internet, looking for credentials that could be associated with your organisation.