9 October 2025 - NCC Group has today published the fourth edition of its Global Cyber Policy Radar, offering fresh insights into the fast-evolving landscape of cyber security regulation and government policy worldwide.
As geopolitical tensions reshape the digital domain, Edition 4 of the Radar provides a strategic overview of the cyber laws and regulatory trends that will define the next phase of global cyber governance. From the rise of offensive cyber capabilities; to the tightening of supply chain oversight; and the transition to post-quantum cryptography; the report equips business leaders with the foresight needed to navigate regulatory complexity and build future-proof cyber programmes.
The latest edition also highlights the growing role of cyber security as an enabler of economic growth, with governments investing over $6 billion in cyber defences while placing increasing responsibility on the private sector to secure their own digital environments. Putting this investment into context, the $6 billion in committed government spending on cyber security is equivalent to: 62 F35C fighter jets; or 630 M1 Abrams tanks; or 1,670 MQ-1 Predator drones.
As policymakers look towards the challenges of post-quantum cryptography (PQC), the report includes a spotlight interview with Microsoft Director for Cybersecurity Policy, Kevin Reifsteck and NCC Group Practice Director for Cryptography Services, Javed Samuel, exploring the key highlights from government action and how organisations should prepare for PQC.
Kat Sommer, Associate Director of Government Affairs at NCC Group, commented: “Cyber rules are no longer just a compliance issue, they’re a strategic imperative. This edition of the Radar helps organisations understand not just what’s coming, but what it means for their business, and how to respond in a way that builds resilience and competitive advantage.”
“Cyber security programmes must adapt to a new era of geopolitics. Across governments worldwide, national security, sovereignty and interventionism are dominating cyber policy and regulatory agendas. Investment in offensive cyber capabilities is on the up, while government-mandated rules and regulations are increasingly likely to affect organisations at multiple touchpoints.”
“The impact on business leaders overseeing cyber security programmes is significant. Reactive rule-by-rule compliance will no longer suffice. Cyber governance must be long-term, global and account for – and be flexible to – governments’ fast-moving and shifting priorities.”
Key themes explored in Edition 4 include:
- The shift from reactive compliance to strategic cyber governance
- The implications of ransomware payment bans and incident reporting mandates
- The global race to secure supply chains and critical infrastructure
- The urgency of preparing for PCQ transitions, expert insight from Microsoft
The report draws on NCC Group’s work as a trusted advisor to governments and regulators, offering expert analysis and actionable guidance for CISOs, legal teams and policy professionals.
Read the full report here: https://www.nccgroup.com/global-cyber-policy-radar/