A first GCHQ Annual Lecture took place at Bletchley Park, the UK intelligence agency’s wartime home, given by the Director GCHQ Anne Keast-Butler. She covered ‘the fast-changing tech landscape’, and how ‘warfare is being reconfigured; increasingly data-driven, AI-enabled, and automated in conflicts from Ukraine to Iran’. Data is a strategic asset, she suggested.
She said: “The UK is well placed to seize massive opportunities from data, but only if weโre vigilant. Managing risk and protecting data is at the heart of what we do at GCHQ.ย The National Cyber Security Centre โ a part of GCHQ – plays a key role in protecting the data highways and junctions that connect our lives, from the NHS and National Grid to the emerging data economy that is powering the AI revolution.”
She argued that cyber security has never been more important, and described it as ‘a critical priority for all businesses’. She said: “The AI revolution is now fully upon us –ย with ever faster pace of model releases, increasingly sophisticated agents, and greater system autonomy – transforming the world with both promise and peril.ย Thatโs equally true for intelligence and security.” As for the agency’s work, she spoke of ’embedding frontier AI deeper into our operations โ responsibly and ethically – to enhance algorithms, translate foreign languages, and find needles in haystacks faster than ever’.
For the speech in full visit https://www.gchq.gov.uk/speech/gchq-annual-lecture-2026-as-delivered.
Comments
Graeme Stewart, head of public sector at the software firm Check Point, said: โFor years, cyber attacks were treated like someone rattling the handle on a locked door. Irritating, disruptive, but contained. Now they spread more like a fire moving through connected buildings.
“One compromised supplier, one stolen password, or one vulnerable system can spread through hospitals, retailers, logistics networks, and public services within hours because modern infrastructure is so tightly interconnected. We have already seen the consequences. The NHS attack caused major disruption to patient care. Attacks on M&S, Co-op, and Jaguar Land Rover created operational chaos, interrupted services, and exposed how quickly disruption spreads once core systems are hit. People do not experience these attacks as lines of malicious code. They experience them as cancelled appointments, empty shelves, delayed orders, payment failures, and businesses grinding to a halt.
“That is why the warning from GCHQ feels so serious. These attacks are becoming more coordinated, more aggressive, and far more strategic. Some are financially motivated. Others are designed to create instability, expose weaknesses, and undermine confidence in systems people rely on every day. Too many organisations still think cyber security sits quietly with the IT department in the background. It now sits much closer to public safety and national resilience.
“A century ago, cities learned that a single fire could spread block by block if the protections were weak. The digital world works the same way. One vulnerability can quickly become everybodyโs problem.โ
