National Resilience Committee

The committee scrutinised the Ministry of Defence’s role in the Government’s Cabinet Office-led home defence programme, including whole-of-society resilience, NATO Article 3 obligations, plans for testing and exercising national defence arrangements, and the case for new legislation. Witnesses set out the Strategic Defence Review’s spending and industrial priorities, including integrated air and missile defence, space, cyber, reserve mobilisation, and protection of critical national infrastructure. Ministers and senior officers stressed that legislation would strengthen powers but was not a prerequisite for continuing preparations, while reservist growth, civil resilience, industry integration and regional capability all emerged as major policy themes.

The National Resilience Committee inquiry explored how media reporting shapes national resilience, the governance of data and vulnerable populations during crises, the adequacy of legislation and institutional architecture (Civil Contingencies Act, COBR/CS), and practical steps to strengthen society-wide preparedness. Witnesses urged a whole-of-society approach, stronger data sharing (balanced with privacy), and clearer government leadership (including a dedicated resilience minister and national plan). Key proposals include Finnish-style executive education for senior decision-makers, a public list of critical firms, expanded use of local resilience forums, and a UK Resilience Academy. Several witnesses highlighted funding challenges for the voluntary sector, opportunities for private-sector partnerships, and the need to reduce GDPR-related data barriers during emergencies. Overall, the session pressed for concrete, resourced national coordination, statutory or regulatory clarity, and early, transparent government communication on threats.

The committee examined the UK’s national resilience in the face of escalating cyber threats, with emphasis on government action, the role of AI and quantum computing, private-sector preparedness, transparency, and upcoming legislation. Key government commitments include the Government Cyber Action Plan funded at over £210 million to establish a central cyber unit and incident-response coordination, and the Cyber Security and Resilience Bill progressing through Parliament. Witnesses stressed that cyber risks are rising, driven by legacy tech, cloud interdependencies, and complex supply chains, and that basic cyber hygiene remains foundational. There was cautious advocacy for targeted transparency in the private sector, and a stance against ransom payments by government policy, alongside recommendations to adopt post-quantum cryptography and to strengthen defensive AI capabilities.

This session of the National Resilience Committee interrogated UK preparedness amid a more volatile geopolitical environment, rapid tech-change and “poly-crisis” risk. Key themes included: the case for accelerating decision-making and potentially creating a parallel national security architecture; a drive to regionalise resilience and better connect with local authorities, mayoral authorities and existing networks; governance innovations such as an Ofgem-style regulator for resilience; stronger risk communication with the public and combating misinformation; deeper international collaboration (e.g., JEF, EU channels) to pool resources and best practices; and greater private-sector leadership and investment in a stable operating environment. The witnesses outlined practical steps and emphasised leadership over legislation in the short term, while some panel members argued for earlier, broader legislative scaffolding to bolster resilience.

The 19 March 2026 National Resilience Committee session gathered four Nordic ambassadors to scrutinise how Sweden, Denmark, Norway, and Finland define and implement national resilience. Witnesses outlined long-standing, multi-actor approaches that integrate civil society, private sector, and public institutions into defence and emergency planning. Major themes included: the Nordic shift to holistic, whole-of-society resilience; cross-border cooperation to protect critical infrastructure; significant government reforms and funding in each country (e.g., Sweden’s civil-defence and psychological-defence frameworks, Denmark’s Ministry of Resilience and a doubled defence budget, Norway’s 2025 White Paper and National Security Strategy, Finland’s enduring civil-defence model and conscription culture); counter-disinformation measures (Sweden’s Psychological Defence Agency and Be Critical campaigns); and the role of public engagement to sustain resilience without inducing alarm. A notable legislative signal was Finland’s reference to the Ottawa landmines treaty withdrawal as part of deterrence. The session also highlighted practical measures (shelters, emergency supply agencies, and training regimes) and set out lessons for the UK in fostering a whole-of-government approach and cross-border collaboration on resilience and supply chains.

The session scrutinised UK national resilience across public, private and local governance actors, focusing on how interdependent risks are recognised and managed, and how preparedness can be improved. Key government commitments/positions identified include the NAO highlighting the Government’s generic-capabilities approach to risk, the need for cross-government leadership and clearer risk-outcome definitions, and recognition of local-global integration through Local Resilience Forums. Witnesses from the NAO, Local Government Association, Resilience Academy, Resilience First, and CBI pressed for stronger private-sector engagement, clearer public messaging, longer-term planning, better data, and a more strategic framing of resilience (beyond reactive planning). The discussions also flagged concerns about fragmented leadership, underutilised private-sector channels, SME readiness, and the risk of bureaucratic delays in resilience governance, with multiple calls for clearer roles, improved information-sharing, and cross-cutting governance (e.g., a government Chief Risk Officer).