Editorial

UK Cyber Resilience Advice ‘Too Bland’, Says Northdoor

IT supplier Northdoor plc has criticised new UK Government guidance on supply chain resilience, arguing that the advice lacks the practical, tech-driven tools needed to defend against increasingly sophisticated ransomware attacks.

Posted 4 November 2025 by Christine Horton


The UK Government’s new guidance on strengthening supply chain resilience against ransomware has been criticised by IT solutions provider Northdoor.

The firm’s chief commercial officer, AJ Thompson, has warned that the recommendations, though welcome in principle, fail to equip organisations with the tools needed to counter today’s sophisticated cyber threats.

The guidance, developed in partnership with the Counter Ransomware Initiative and its Private Sector Advisory Panel, urges organisations to bolster their defences and reduce the risk of ransomware disruption. However, Thompson argues that the framework overlooks a critical issue: the difficulty of identifying and managing vulnerabilities hidden deep within complex third- and fourth-party networks.

“There is little doubt that supply chain attacks are now the most effective method cybercriminals are using to gain access to data and systems. The attacks against high-profile targets over the past few months should have acted as a wake-up call to all businesses,” he said.

Thompson warned that the guidance lacks the depth and proactivity required to address the scale of the threat.

“The issue is that most supply chains are now so large and complex, understanding where vulnerabilities lie within third parties or even further down the line is for most an impossible task. Therefore, advice from the Government is welcomed, but it needs to be more proactive, less bland, than what we have seen so far.”

Without detailed visibility into supplier ecosystems, organisations remain dangerously exposed, added Thompson.

“Without insight as to where the weaknesses lie within supply chains, companies are essentially leaving the back door open, no matter what they spend on frontline defences,” he said.

A New Mindset is Needed – Thompson

Northdoor is calling for a fundamental shift in how both public and private sector organisations assess and manage cyber risk. The company advocates replacing outdated, questionnaire-based assessments with AI-driven tools capable of delivering a real-time, 360-degree view of supply chain vulnerabilities. Such technologies, Thompson said, can generate actionable intelligence far beyond the capabilities of traditional methods.

“The Government and companies need to appreciate that the response to supply chain attacks needs to be on par with the sophistication that the cybercriminals are using,” he said. “This doesn’t mean huge expense, but it does require a new mindset.”

The warning comes as the UK also signs a new UN treaty on countering cybercrime – a move that Northdoor describes as positive but insufficient without concrete, technology-enabled measures to turn policy into protection.
