The National Risk Register (NRR) is the public version of the National Security Risk Assessment (NSRA), the UK government’s comprehensive evaluation of the nation’s most critical risks.

Within the UK, a broad spectrum of risks exists, encompassing threats to life, health, society, critical infrastructure, economy, and sovereignty. These risks may originate from non-malicious sources like accidents or natural disasters, while others may emerge from deliberate malicious actions orchestrated by hostile entities seeking to cause harm.

For inclusion in the NRR, risks must meet a significant threshold, posing substantial potential impacts on the safety, security, or essential systems at a national level. The NRR catalogs 89 distinct risks, organized under nine thematic categories, though some risks may overlap and could be classified within multiple themes. These categories are:

  • Terrorism
  • Cyber
  • State threats
  • Geographic and diplomatic
  • Accidents and systems failures
  • Natural and environmental hazards
  • Human, animal and plant health
  • Societal
  • Conflict and instability

The UK government has developed comprehensive plans to enhance resilience against specific risks, encompassing those outlined in the National Risk Register (NRR). Some notable examples include the Net Zero Strategy, the National Cyber Strategy, the Government Food Strategy, the British Energy Security Strategy, and the UK Biological Security Strategy, each tailored to address distinct challenges and fortify the nation against potential threats.

Among the 89 distinct identified risks is a malicious drone incident.

Accidents and systems failures- Malicious drone incident

In recent years, the utilization of drones has experienced a substantial surge, finding applications in both commercial ventures and recreational activities. There are various rules and regulations related to using drones in UK airspace as required by the Civil Aviation Authority (CAA). Furthermore, flying drones in airport flight restriction zones is strictly prohibited unless explicit permissions have been granted.

The potential misuse of drones presents multiple concerning scenarios. Notably, in 2018, a drone sighting at Gatwick Airport caused significant disruptions to flight operations. Collaborative efforts persist among government departments, the CAA, industry stakeholders, and law enforcement to address this issue. These parties are continuously engaged in risk analysis and the fortification of strategies to enhance defenses against future malicious drone incidents.

Graph showing the Impact and Likelihood of a Malicious drone incident
Impact and Likelihood of a “Malicious drone incident.” (Image Credit: UK National Risk Register)


One potential scenario involves focusing on the malicious use of a drone at an airport, leading to disruptive consequences and safety concerns. It is essential to recognize that drones present a novel avenue for committing crimes and orchestrating attacks. The UK comprehensive planning considers all potential disruption and threats arising from negligent, criminal, or terrorist use of drones, extending beyond airport-related incidents.

In this particular airport disruption scenario, several vital assumptions come into play. For this assessment, it is assumed that the airport is operating at pre-COVID levels. Furthermore, it is assumed that the risk will not coincide with another significant event, and the perpetrator is believed to possess malicious intent.

For further information on the identified risks identified in the National Risk Register, please visit- National Risk Register- 2023 Edition.

For additional airspace awareness and protection resources, please visit:

Assessing UAS Threat and Vulnerability

Developing Operational Requirements- C-UAS DTI

A Guide To Selecting C-UAS Technology

Post Image Credit: HM Government