Five things from the past working week that a UK board should know about, in the order they would matter if you had to brief a chair over coffee on Monday morning. Where I have included something, it is because there is a decision attached to it.
1. NCSC named the company running China-nexus covert botnets
On 23 April NCSC and CISA published a joint advisory titled “Defending against China-nexus covert networks of compromised devices”. The unusual feature is the attribution: the advisory names Beijing-headquartered Integrity Technology Group as the entity managing the Raptor Train botnet — a network of more than 200,000 compromised devices worldwide — and assesses that the majority of activity from Volt Typhoon and Flax Typhoon operators now runs through covert infrastructure of this type.
The advisory is direct about targeting priorities: UK telecoms, energy, water, and broader critical national infrastructure are explicitly in scope. It is also unusually specific on indicators of compromise, which gives technical teams something to act on rather than worry about.
For boards. This is one of those rare advisories worth lifting into board reporting almost unaltered. The right question this month is not “are we under attack from China?” — the assumption should be yes — but “if a device in our environment was part of that botnet, would we be able to find it before NCSC told us?”
2. The UK cyber chief told businesses to brace
The public-facing companion to the technical advisory came in NCSC's own reporting and through statements covered by The Record from Recorded Future News: the head of NCSC warning British businesses to prepare for sustained, state-aligned attacks. Read together, the technical advisory and the public statement constitute a deliberate signal: the government is calibrating expectations upward.
The statement came against the backdrop of NCSC's Annual Review 2025 numbers — a 130% increase in nationally significant cyber incidents over the previous year, with four such incidents handled every week on average. M&S, the Co-op, and Jaguar Land Rover are now standard references in NCSC's own briefings.
For boards. Boards in critical sectors should expect their regulators to take a harder line in the next quarter on the back of these statements. If the executive says “we are aligned with NCSC guidance”, the right follow-up is “show me the gap analysis against the most recent advisory”.
3. A sitting MP's website was knocked offline by traffic traced to China
Sir David Davis MP confirmed in the Commons this week that his IPSA-funded constituency website was first compromised with malicious links redirecting visitors to Southeast Asian gambling sites, then, after restoration, was hit with a sustained DDoS — 142 million requests consuming nearly 800 gigabytes of data in 24 hours, with traffic Davis characterised as traceable to China.
It is a small incident by volume — one MP, one site. It is a larger incident by what it says about appetite: an individual member of Parliament's web presence is now a worthwhile target for sustained, attributable activity.
For boards. If your firm has executives or directors with public profiles — particularly those who comment on China, Russia, Iran, or critical infrastructure policy — their personal digital presence is part of your attack surface, not theirs. The control conversation has to happen at organisational level even when the asset is personal.
4. The Easter ransomware echo is still being felt
The wave of attacks that hit Marks & Spencer, the Co-op, and Harrods over Easter — the most visible UK retail compromise sequence in years, referenced by NCSC as part of the Category 2 incident count — continued to produce knock-on effects this week, with supply-chain disclosures, regulator briefings, and at least one parliamentary question. Cumulative costs across the affected firms now run into hundreds of millions.
What this week added was the realisation, in several boardrooms I have spoken to, that the affected firms had broadly comparable security postures to the unaffected ones. The attackers chose; defenders are not always in a position to make themselves uninteresting.
For boards. “We have the same controls as our peers” is no longer a defence. The board version of the question is: “what specifically about us would make us a less attractive target than the firm next door, and is that true?”
5. AI security moved from research papers to production incidents
The OWASP GenAI Security Project's Q1 2026 exploit round-up — published 14 April but discussed widely this week — characterises prompt injection as having moved from theoretical to practical for enterprise data leakage. The accompanying data shows a 340% year-on-year rise in documented prompt injection attempts, with two-thirds of successful attacks going undetected for more than 72 hours.
For most firms the gap is governance, not technology. Roughly two-thirds of organisations have already experienced AI-related data leaks; under a quarter have formal AI security policies in place. Those numbers describe the same problem from two angles.
For boards. Add AI agent governance to the standing items list before the regulator does it for you. The minimum acceptable answer to “what AI agents run in our environment, under whose credentials, with what scope?” is no longer a shrug.
The thread that ties this together
Four of these five stories are state-aligned activity, public-sector signalling, or both. The fifth is AI risk that the same actors are now using. The pattern of the week is a government and its regulators visibly moving — and asking visibly more of the firms they regulate.
The question worth taking into next week: if NCSC publishes another advisory in the next month, will we be the firm that responds within 48 hours or the firm that learns we were affected when the news breaks?
That is the work.