Richard Horne, CEO of the United Kingdom’s National Cyber Security Centre (NCSC), joins host Frank Cilluffo to explore how the UK is strengthening cyber resilience across critical infrastructure, private industry, and international partnerships. Drawing from his experience in both government and the private sector, Horne outlines NCSC’s approach to tackling advanced threats, closing resilience gaps, and collaborating with allies on systemic cyber defense. The conversation spans ransomware, AI, supply chain risk, quantum cryptography, and how organizations—large and small—can better prepare for disruption. Horne emphasizes the growing complexity of the digital threat landscape and urges a pragmatic, contest-oriented mindset to keep pace.

Main Topics Covered:

• The mission and structure of the UK’s National Cyber Security Centre (NCSC)

• Cyber resilience through exposure, defenses, and consequence management

• Gaps in critical infrastructure protection and supply chain vulnerabilities

• Use of AI and automation in both defense and attack

• International collaboration and the importance of Five Eyes partnerships

• Quantum computing and the need to prepare cryptography for post-quantum threats

Key Quotes:

“AI is almost like… when we moved from wooden [tennis] rackets to composite rackets. Was that an advantage? It was an advantage to both sides. [...] If you stick with a wooden racket, then ultimately you're going to be overcome.” — Richard Horne

“We see many cyber attacks exploiting zero-day vulnerabilities that frankly shouldn't be there. And the quality of code that we have in our hardware, software… is a big issue.” — Richard Horne

“In the world we're in, we all need to recognize we have a responsibility for cyber security for ourselves and for others.” — Richard Horne

“The relationship with the U.S. and the Five Eyes really does underpin especially our understanding of the most advanced threat.” — Richard Horne

“You'll often see sort of ransomware attacks against some small company you've never heard of and then potential front page impact the next day.” — Richard Horne

Related Links:

UK National Cyber Security Centre (NCSC)

NCSC Cyber Essentials Program

Guest Bio: Richard Horne has served as CEO of the UK’s National Cyber Security Centre since October 2024. Prior to that, he was a Cyber Security Partner at PwC UK, where he advised global leaders on cyber risk strategy and led responses to major incidents—including the 2021 ransomware attack on Ireland’s health service. He previously led cyber risk management at Barclays and played a key role in developing the UK’s first national cyber security plan during a stint with the Cabinet Office. Richard holds a PhD in Mathematics and has represented the UK in cybersecurity forums at the OECD, European Commission, and ISO.