DSIT cyber security newsletter – March 2026

The start of 2026 has been exceptionally busy on cyber security, with significant developments across policy, legislation and support for businesses and the wider ecosystem. This edition of our newsletter brings together some important updates from the past few months and highlights what the government is doing for organisations across the UK. 

Parliament continues to scrutinise the Cyber Security and Resilience Bill as it moves through its stages, promising a major step forward in strengthening the UK’s cyber defences.

DSIT cyber security newsletter – March 2026

Alert: NCSC advises UK organisations to take action following conflict in the Middle East

As a result of the ongoing conflict in the Middle East, there is likely no current significant change in the direct cyber threat from Iran to the UK, however due to the fast-evolving nature of the conflict, this assessment may be subject to change.

There is almost certainly a heightened risk of indirect cyber threat for those organisations and entities who have a presence, or supply chains, in the Middle East

Iranian state and Iran-linked cyber actors almost certainly currently maintain at least some capability to conduct cyber activity.

Alert: NCSC advises UK organisations to take action following conflict in the Middle East | National Cyber Security Centre – NCSC.GOV.UK

AI and biometrics strategy update – March 2026

Give organisations certainty on how they can use AI and ADM responsibly under data protection law

In June 2025, we published our commissioned research into the public perceptions of the use of automated decision-making (ADM) in recruitment processes. This research provides a better understanding of how ADM is currently perceived and experienced by the public, and what the main concerns and expectations are, at a time of considerable technological change in recruitment practices.

AI and biometrics strategy update – March 2026 | ICO

Council agrees position to streamline rules on Artificial Intelligence

Streamlining the AI rules is essential for ensuring the EU’s digital sovereignty. As presidency, we worked on this proposal with urgency, reaching a swift agreement to facilitate the timely application of the AI act. The proposal will bring greater legal certainty, make the rules more proportionate and ensure more harmonised implementation across member states. We are ready to work with our co-legislators in our common efforts to support our companies, facilitate innovation and build a more competitive Europe.

https://www.consilium.europa.eu/en/press/press-releases/2026/03/13/council-agrees-position-to-streamline-rules-on-artificial-intelligence/

Heart attack patients at risk as defibrillator supplies targeted in NHS hack

Iran-linked hackers breached an NHS supplier in retaliation to US strikes on Tehran, pausing the supply of essential medical equipment to UK hospitals.

A hacktivist group linked to Iranian intelligence successfully breached the IT systems of a global medical technology firm supplying the NHS, pausing orders of mouth swabs and defibrillators to UK hospitals.

The incident highlights a growing concern that the NHS is prone to cyber attacks which cause a “catastrophic risk” to patient safety, experts warned.

Heart attack patients at risk as defibrillator supplies targeted in NHS hack

Millions of UK businesses exposed by Companies House security flaw

A major security flaw with Companies House has exposed the private details of directors at millions of businesses in the UK.

Companies House, which serves as the UK’s official corporate register, was forced to shut down its online filing service after the vulnerability was discovered last Friday. The issue has since been fixed, with the service restored on Monday morning.

The reported bug allowed users of Companies House WebFiling system to view specific data from the 5 million registered companies, including the dates of birth and residential addresses of a business’s key personnel.

Millions of UK businesses exposed by Companies House security flaw | The Independent

PRESS RELEASE: 4 in 5 parents concerned about their child being groomed online

London, 18 March 2026: A new survey has revealed that four in five parents surveyed in the UK are concerned about their child being groomed online.

The survey of 1,000 parents, commissioned by the leading charity Breck Foundation, also found just a third (33%) of parents believe the government is doing enough to protect children from online grooming.

Nearly one in five parents (19%) say they would not be confident recognising the signs of online grooming, and over 1 in 6 parents (18%)3 are unsure what to do if they suspected their child was at risk. Over 80% of parents now support schools providing education to help safeguard children against online grooming.

PRESS RELEASE: 4 in 5 parents concerned about their child being groomed online 

Inside Counter Terrorism podcast series back with new episodes

Inside Counter Terrorism Policing delves into the lives and careers of the incredible staff and officers working to protect the nation from terrorist and national security threats. 

So much of what we do can’t be talked about publicly. But in season two, we’re going behind the scenes with men and women who work across Counter Terrorism Policing, from those working in EOD, and in hostile locations overseas, to the legal teams, intelligence officers, and people managing terrorists in the community.  

They’ll talk about the careers that led them here – the good stuff and the bad – and share their advice about working in policing. 

Inside Counter Terrorism podcast series back with new episodes | Counter Terrorism Policing 

Latest terrorism-related arrest data released

The latest figures on terrorism arrests made in the UK in 2025 have been released, showing that more people are in custody for terrorist offences than ever before.  

New data released today by the Home Office has shown that there were 255 terrorism-related arrests* between 01 January and 31 December 2025, an increase of 2% compared with the previous year’s 250.  

In the latest data-set, the number of arrests [2,779] for proscription offences relating to Palestine Action is also included. Our latest statement on Palestine Action is here.

Latest terrorism-related arrest data released | Counter Terrorism Policing 

A Northumberland teenager has been convicted by a jury for multiple terrorism offences.

The 16-year-old, who cannot be named for legal reasons, was found guilty of offences including membership of a proscribed organisation, possession and distribution of terrorist publications, following a four-week trial at Leeds Crown Court. Sentencing will take place on Friday 27 March.

The teenager, who was 15 at the time, was arrested as part of an intelligence led operation by Counter Terrorism Policing North East, supported by Northumbria Police, on February 20, 2025, from his home address in Northumberland.

Warning around extreme content online as teenager is convicted of terrorism offences | Counter Terrorism Policing