By skyforbes 
A Critical Flaw in the UK’s Cyber Defence Strategy
The UK’s National Cyber Security Centre (NCSC) has long been a global leader in cyber defence, providing guidance, tools, and advice to secure the nation’s digital infrastructure. Yet a close reading of the NCSC’s Annual Reviews for 2024 and 2025 is informative: neither report gives Open-Source Intelligence (OSINT) significant attention as a central aspect of cyber defence policy.
This failure is even more conspicuous when compared with other institutional paradigms — most significantly, the United States intelligence community, which has put OSINT firmly at the centre of its intelligence framework. As the US Central Intelligence Agency (CIA) succinctly puts it, “OSINT forms the foundation upon which classified intelligence is built.” So why has the NCSC not issued OSINT as a pillar in the fight against cybercrime?
What NCSC Annual Reviews Do Mention
The 2024 and 2025 NCSC Annual Reviews are comprehensive reports that address threat environments, handling incidents, cyber resilience, and emerging technologies such as artificial intelligence and post-quantum cryptography…