posted 10th June 2025
The National Security Strategy 2025 marks a major shift in how the UK thinks about security. It’s not just about military capability or foreign policy anymore – it’s about resilience. Energy resilience. Cyber resilience. Economic resilience. The resilience of systems, services and communities across every part of society.
This is something those of us working in resilience have known for a long time: national security incidents rarely play out neatly within the boundaries of national agencies. Their impact is immediate, disruptive, and most often absorbed by local systems – and increasingly, by critical industries too.
Take cyber. When a ransomware attack hits a local council or NHS trust, it may be classified as a Tier 2 or Tier 3 incident nationally – but locally, it’s a full-blown crisis. Frontline services grind to a halt. Vulnerable people can’t be reached. There are safeguarding risks, legal liabilities, and enormous reputational damage.
Or look at energy shocks. National-level grid issues may be triggered by international events – but their consequences are deeply local: hospitals relying on backup generators, care homes dealing with vulnerable residents in the dark, councils trying to coordinate support with patchy comms and no power.
These same dynamics now affect the private sector too. Fintech firms, data-driven industries, utilities and high-value service businesses are all deeply exposed to resilience failures. Even the best continuity plans can’t fully insulate a business from systemic disruption – whether that’s a region-wide power outage, a cyber compromise of core infrastructure, or a national-level incident that cascades into local chaos.
The UK’s interconnectedness – digitally, logistically, and socially – means that risk is now systemic. No organisation is an island. And as the National Security Strategy rightly says, we need a whole-of-society approach to resilience – not just plans on paper, but capabilities in practice.
At Applied Resilience, we work where this theory meets reality. We help local authorities, NHS organisations, and critical industries prepare, respond and recover – often under real-world pressure. We design and test plans, embed continuity into operations, run live scenarios, and bring clarity in the middle of chaos. We also help business and financial sector partners pressure-test their resilience and understand how local disruption can derail even the most robust internal systems.
The new strategy is a positive step – but if we’re honest, resilience at the local and operational level still lacks the investment, priority and clarity needed to deliver what the strategy demands.
Resilience isn’t just a public sector responsibility. It’s a shared national asset – and a strategic advantage if we get it right.
So if you’re leading on resilience, crisis management or business continuity – whether in local government, the NHS, fintech or infrastructure – we’re ready to support you. This isn’t just about preparing for the next crisis. It’s about making resilience the foundation of national strength and business confidence.
