The announcement was made on 14 July, alongside the publication of an updated National Risk Register, which identifies seven new and emerging risks facing the UK. The multi-day exercise will bring together ministers, government departments, emergency services, local resilience partners and other key organisations to test how the country would respond to a large-scale national crisis.
According to the Government, the exercise is designed to strengthen the UK's resilience against so-called "hybrid threats"where cyber attacks, physical disruption, disinformation campaigns and attacks on critical infrastructure may occur simultaneously. It follows growing concern across Europe over the changing security landscape and the increasing sophistication of state and non-state actors.
Alongside the exercise, the updated National Risk Register highlights new risks including cyber attacks targeting data infrastructure, water systems and policing, as well as widespread technology failures and interference with democratic processes. The Government has also confirmed that a public resilience campaign will launch later this year, encouraging households to be better prepared for emergencies ranging from severe weather to cyber incidents.
For the security industry, the announcement reflects a broader shift in how resilience is being approached.
Security today is no longer viewed solely through the lens of physical protection. Organisations are increasingly expected to prepare for interconnected risks that could affect operations, supply chains and essential services at the same time.
That means resilience planning extends beyond access control, CCTV and guarding. It includes business continuity, cyber preparedness, incident response, crisis communications and close collaboration between public authorities and private sector organisations.
The exercise is also expected to test how information is shared between agencies and how critical services continue operating during periods of sustained disruption, something that has become increasingly important as digital infrastructure underpins everything from transport and healthcare to utilities and financial services.
For organisations responsible for protecting people, places and assets, these scenarios are no longer theoretical. Recent cyber attacks against UK retailers, alongside continued warnings from the National Cyber Security Centre about the growing capability of hostile states and criminal groups, have reinforced the importance of preparedness across both public and private sectors.
While large-scale national exercises are relatively rare, they provide an opportunity to test plans before a real incident occurs, identify weaknesses and strengthen coordination between the organisations that would be responsible for responding.
For the security profession, the message is clear: resilience is becoming just as important as prevention.
As cyber and physical threats continue to converge, the ability to prepare for disruption and recover from it will increasingly define how organisations protect people, infrastructure and essential services in the years ahead.
Register your interest for The Security Event 2027
Subscribe to The Security Briefing for monthly updates!