FAC FEATURED PARTNER


Cybersecurity is the practice of protecting people, systems, networks, and data from digital attacks, utilising various technologies, processes, and policies. It is essential for both organisations and individuals in the face of increasingly sophisticated and frequent cyberthreats, which can lead to significant consequences such as financial loss, operational disruption, data breaches, and identity theft. A successful cybersecurity posture requires multiple layers of protection across IT infrastructure, integrating people, processes, and technology to create an effective defence against common online threats.

Good Cybersecurity Practice in 2025


Effective cybersecurity in 2025 relies on a multi-layered approach that integrates people, processes, and technology to create a robust defence against digital attacks. Key practices include:


  • Cybersecurity Awareness Training: Employees are often the weakest link, so robust data security policies combined with security awareness training are crucial. This helps users understand how actions like oversharing on social media or ignoring operating system updates can increase risk, and teaches them to recognise and avoid phishing and malware attacks.
  • Data Security Tools: Implementing tools like data loss prevention (DLP) can detect and block attempted data theft. Security controls such as encryption can render stolen data useless, enhancing protection.
  • Identity and Access Management (IAM): This involves controlling how users access digital resources and what they can do with them. Practices such as multifactor authentication (MFA) require multiple credentials for login, making it harder for threat actors to breach accounts. A zero trust security architecture is a critical way to enforce strict access controls, removing implicit trust and replacing it with adaptive, explicit trust based on continuous verification.
  • Attack Surface Management (ASM): Continuous discovery, analysis, remediation, and monitoring of an organisation’s cybersecurity vulnerabilities and potential attack vectors, approached from a hacker's perspective.
  • Threat Detection and Response: Utilising analytics- and AI-driven technologies, such as Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), and Endpoint Detection and Response (EDR), helps identify and respond to attacks in progress. These are typically part of a formal incident response plan.
  • Disaster Recovery: Maintaining business continuity and remediating threats after a cyberattack is vital. The ability to fail over to a remote backup can help businesses resume operations following a ransomware attack, sometimes without paying a ransom.
  • Regular Software and Operating System Updates: Crucial for patching vulnerabilities and enhancing security against potential threats.
  • Strong and Unique Passwords: While not sufficient on their own, they remain an important component of security.
  • Critical Infrastructure Security: Protecting the computer systems, applications, networks, data, and digital assets that society depends on for national security, economic health, and public safety is paramount.
  • Network and Endpoint Security: Focuses on preventing unauthorised access to computer networks and systems and protecting endpoint devices (desktops, laptops, mobile devices, servers) against cyberattacks. Unified Endpoint Management (UEM) solutions manage all endpoints from a single console.
  • Application Security (AppSec): Identifying and repairing vulnerabilities in application software to prevent unauthorised access, modification, or misuse, often integrated into modern development processes like DevOps and DevSecOps.


Organisations should benchmark their security capabilities across people, process, and technology to identify gaps and prioritise investments. The NIST cybersecurity framework is a respected model that can guide organisations in identifying attacks, protecting systems, detecting and responding to threats, and recovering from successful incidents.


Threats Over the Coming 5 Years


The cybersecurity landscape is constantly evolving, with threats growing in sophistication and frequency. Key trends and threats anticipated or already observed leading into and beyond 2025 include:


  • AI-Powered Attacks: Cybercriminals are increasingly leveraging artificial intelligence (AI), including generative AI, to create malicious code, phishing scam content, and fake emails/applications rapidly. Threat actors might use prompt injection or data poisoning to manipulate AI tools into leaking sensitive information or spreading misinformation.
  • Expanding Attack Surface from Emerging Technologies:
      • Cloud Computing and Multicloud Environments: While offering efficiency, they increase network management complexity, leading to risks like cloud misconfigurations, improperly secured APIs, cloud sprawl, fragmented security capabilities, and heightened human error.
      • Distributed Work: Remote and hybrid work, along with bring-your-own-device (BYOD) policies, mean more connections, devices, applications, and data to protect, offering more opportunities for exploitation.
      • Internet of Things (IoT): Many connected IoT devices are unsecured or improperly secured by default, making them easy targets for hijacking by bad actors.
      • Cyber-Physical Systems (CPS): The convergence of operational technology (OT) with information technology (IT) creates unique and growing vulnerabilities, particularly in critical infrastructure.
  • Sophisticated Cybercrime and Nation-State Actors: Threat actors, including nation-states, are demonstrating never-before-seen levels of coordination, automation, and prowess, elevating risk from data breaches to widespread disruption. The Russian invasion of Ukraine, for example, has highlighted the threat of destructive malware attacks and potentially fatal outages to critical infrastructure globally.
  • Persistent Ransomware and Malware: Although ransomware attacks saw a decline in 2023, they remain a significant threat, evolving to target more sectors. Malware (malicious software) is involved in almost every modern cyberattack. Attackers are also increasingly combining DDoS attacks with ransomware threats.
  • Phishing and Credential Theft: Phishing remains the most common type of cyberattack, using fraudulent messages to steal sensitive data or funds. Hackers employ various techniques to steal credentials and take over accounts, with identity-based attacks making up 30% of total intrusions.
  • Supply Chain Attacks: Vulnerabilities in partners, vendors, or third-party assets can create attack vectors into enterprise systems.
  • Cybersecurity Skills Gap: The global attack surface is expanding faster than the cybersecurity workforce, with a projected gap of 85 million workers by 2030. This shortage leads to higher data breach costs for organisations.
  • Cybersecurity Debt: New digital initiatives, especially in the public cloud, are often deployed before security issues are fully addressed, leading to increased vulnerabilities.


The cost of cyberattacks is also growing significantly, with the average cost of a data breach reaching USD 4.88 million in 2025, a 10% increase from 2023.



InfoSecurity People and the Importance of Cyber Essentials for Aerospace Manufacturers


InfoSecurity People offers services to help organisations achieve Cyber Essentials accreditation. This certification, described as a government-backed, industry-supported scheme, proves that an organisation actively safeguards sensitive data and protects against common online threats.

For aerospace manufacturers, achieving Cyber Essentials (and potentially Cyber Essentials Plus, as assisted for Farnborough Aerospace Consortium) is of paramount importance, especially if they wish to be involved as supply chain partners:


  • Government Contracts: Holding an up-to-date Cyber Essentials certificate enables businesses to bid for government contracts where the handling of financial or personal data is involved. Given the significant role of government in aerospace and defence, this is a critical requirement.
  • Supply Chain Security: The scheme is increasingly being used by businesses, including leading UK banks, to ensure good cyber security in their supply chains. In the highly interconnected aerospace supply chain, where sensitive designs, operational data, and intellectual property are shared, this ensures a baseline level of protection across all partners, mitigating cascading risks.
  • Building Trust: Obtaining Cyber Essentials certification demonstrates a commitment to cyber security to customers and suppliers. In an industry where trust and reliability are paramount, this external validation reassures partners that an aerospace manufacturer takes data protection seriously and has robust measures in place.
  • Protection Against Common Threats: Aerospace manufacturers, regardless of size, are not immune to common online threats like malware, ransomware, and phishing. Cyber Essentials provides a set of standard technical controls to defend against these prevalent attacks.
  • Critical Infrastructure: The aerospace sector is part of the nation's critical infrastructure. Ensuring its cybersecurity resilience at every level of the supply chain contributes to national security and economic stability.


Therefore, Cyber Essentials is not merely a badge but a foundational requirement that underpins security, trust, and eligibility for critical partnerships within the aerospace industry.

Cybersecurity Approaches in the UK, Europe, and the USA


Cybersecurity approaches in the UK, Europe, and the USA are multifaceted, involving government-backed schemes, legislative frameworks, and dedicated agencies.


United Kingdom (UK)


The UK primarily promotes the Cyber Essentials scheme, a government-backed, industry-supported initiative designed to help organisations protect themselves against common online threats.


  • Purpose: It's a set of standard technical controls suitable for organisations of any size or sector, aiming to protect against almost all cyber threats. Organisations with Cyber Essentials controls report 92% fewer insurance claims.
  • Benefits: Achieving Cyber Essentials accreditation demonstrates commitment to cyber security to customers and suppliers. Crucially, holding an up-to-date certificate enables businesses to bid for government contracts that involve handling financial or personal data. It is also increasingly used by businesses, including leading UK banks, to ensure good cyber security within their supply chains.
  • Uptake and Support: Over 215,000 Cyber Essentials certificates have been awarded, with 49,248 issued in the past 12 months. The Cyber Advisor scheme is available for small and medium-sized organisations, offering reliable and cost-effective cyber security advice and practical support to implement Cyber Essentials. The government also provides free cyber security guidance, training, and support for businesses and charities.


Europe (EU)


The European Union has a comprehensive and evolving set of policies and legislation aimed at promoting cyber resilience and safeguarding digital assets across Member States.


  • EU Cybersecurity Strategy: Launched at the end of 2020, this strategy focuses on securing essential services (e.g., hospitals, energy grids, railways) and connected objects, building collective capabilities for responding to major cyberattacks, and fostering international security in cyberspace.
  • Key Legislation and Agencies:
      • NIS2 Directive: This directive mandates that EU countries establish strong government bodies to supervise cybersecurity and cooperate with counterparts in other Member States by sharing information, especially for critical sectors. Member States were required to transpose and implement NIS2 by 18 October 2024.
      • ENISA (European Union Agency for Cybersecurity): Established in 2005 with a permanent mandate since 2019, ENISA supports Member States, EU institutions, and businesses in areas like implementing the NIS Directive, Cyber Resilience Act, and Cyber Solidarity Act. It also supports the cybersecurity certification process for ICT products, services, and processes. ENISA is also entrusted with operating the EU Cybersecurity Reserve and the European Vulnerability Database (EUVD).
      • Cybersecurity Act (2019, amended 2025): Strengthened ENISA's role and established the European Cybersecurity Certification Framework (ECCF), providing common cybersecurity requirements and evaluation criteria for ICT certification. An amendment adopted on 15 January 2025 extended this scope to managed security services.
      • Cyber Resilience Act (entered into force 10 December 2024): Establishes common standards for products with digital elements (hardware and software), requiring them to meet specific cybersecurity requirements throughout their lifecycle, including automatic security updates and incident reporting, ensuring products are secure by design and by default.
      • Cyber Solidarity Act (entered into force 4 February 2025): Aims to improve preparedness, detection, and response to cybersecurity incidents across the EU.
  • Cyber Crisis Management: The draft Cyber Blueprint (published 24 February 2025) outlines the EU framework for cyber crisis management, mapping relevant actors and their roles throughout the crisis lifecycle, from preparedness and detection to response and recovery.
  • Investment and Policy Guidance: The EU invests heavily in cybersecurity through its Recovery Plan, Horizon Europe for research and innovation, Digital Europe Programme for capacity building, and InvestEU for strategic investments. Policy guidance covers areas like secure 5G deployment (EU Toolbox on 5G cybersecurity), securing the electoral process, and an action plan for the cybersecurity of hospitals and healthcare providers (15 January 2025).
  • Skills and Awareness: Initiatives like the Cybersecurity Skills Academy address the growing workforce gap, and campaigns like the European Cyber Security Month raise public awareness.
  • International Cooperation: The EU engages in Cyber Dialogues with various partners (e.g., UK, Ukraine, India, Japan, South Korea, Brazil) to advance shared cybersecurity interests, and has put forward a Joint Communication on an EU Cyber Defence Policy to boost defence capabilities.


United States of America (USA)


The US approach is led by the Department of Homeland Security (DHS) and the National Institute of Standards and Technology (NIST), focusing on national resilience, critical infrastructure protection, and risk management.


  • Department of Homeland Security (DHS): Plays a lead role in strengthening cybersecurity resilience, investigating malicious cyber activity, and advancing cybersecurity across the nation.
      • Cybersecurity and Infrastructure Security Agency (CISA): Leads national efforts to understand, manage, and reduce risk to cyber and physical infrastructure. CISA is the operational lead for federal cybersecurity, protecting federal civilian executive branch networks, and serves as the national coordinator for critical infrastructure security and resilience. CISA is also committed to securing America’s election infrastructure.
      • Cyber Safety Review Board (CSRB): An independent public-private advisory body administered by DHS through CISA, it reviews significant cyber incidents and provides actionable recommendations for both public and private sectors.
      • Other Components: DHS components like the Transportation Security Administration (TSA), United States Coast Guard (USCG), United States Secret Service (USSS), and Immigration and Customs Enforcement - Homeland Security Investigations (ICE HSI) all contribute to cybersecurity within their specific domains, from transportation and maritime security to financial crime and dark net investigations. The Office of Policy coordinates cyber incident reporting requirements across federal departments and regulators.
  • National Institute of Standards and Technology (NIST): Provides guidance to help organisations better understand and improve their management of cybersecurity risk.
      • Cybersecurity Framework (CSF): NIST offers a cybersecurity framework, currently in CSF 2.0, designed for industry, government, and other organisations to reduce cybersecurity risks. It includes quick start guides, profiles, informative references, and tools. NIST actively seeks public comment on publications related to emerging cybersecurity risks and ransomware risk management.
      • Critical Infrastructure Guidance: NIST's framework specifically helps IT providers and stakeholders secure critical infrastructure.