In May 2026, the Joint Terrorism Analysis Centre (JTAC) raised the UK National Terrorism Threat Level from SUBSTANTIAL to SEVERE. That means a terrorist attack is now assessed as highly likely. It is the first time the level has reached SEVERE in over four years, and it reflects a threat picture that has been steadily deteriorating for some time.
For organisations responsible for staff, premises, and public-facing operations, this is not a moment to wait and see. It is a moment to assess your preparedness honestly and act on what you find.
This article sets out what the current threat landscape looks like, what the data tells us about how attacks are evolving, and what your organisation is now legally and operationally required to do.
The UK operates a five-tier threat level system, ranging from LOW to CRITICAL. SEVERE sits at the second-highest tier. It signals that an attack is not just possible, but highly likely within the foreseeable future.
The decision to raise the threat level in May 2026 followed the stabbing of two men outside a synagogue in Golders Green, North London, on 29 April. JTAC was clear that while this attack was a contributing factor, it was not the sole reason for the change. The UK has been experiencing a gradual and sustained rise in terrorist threat across multiple ideologies for some time.
According to MI5, the current threat is characterised by:
This is not a single-strand threat. It is a convergence of several escalating risks, and organisations that plan for only one type of attack are leaving themselves exposed.
The threat level headline is supported by a growing body of official data.
Counter Terrorism Policing confirmed in March 2026 that, at the end of 2025, there were 267 people in custody for terrorism and terrorism-connected offences in Great Britain. This is the highest number since comparable records began. The previous peak of 266 was set only the year before, in 2024.
In 2025, there were 255 terrorism-related arrests, a 2% increase on the 250 recorded in 2024. Since the start of 2020, Counter Terrorism Policing and UK Intelligence Services have disrupted 19 late-stage attack plots. Countering state threats now accounts for more than 20% of all Counter Terrorism Policing casework, and demand on the War Crimes Team has increased by 50% since 2020.
The House of Commons Library has confirmed that between September 2001 and March 2025, there were 5,734 terrorism-related arrests in Great Britain. Young people continue to be overrepresented, with those aged 17 and under accounting for 39 arrests in 2025.
Home Office statistics for the year ending September 2025 showed 256 terrorism-related arrests outside the specific Palestine Action proscription cases, a 3% rise on the previous year. Of those taken into custody as of September 2025, the majority held Extreme Islamist ideologies, with a significant proportion categorised as Extreme Right-Wing.
The trajectory is consistent: more investigations, more arrests, more people in custody, and a growing diversity of ideological motivation.
Understanding the nature of the threat is as important as understanding its scale. The evidence points clearly toward a shift away from complex, coordinated attacks toward simpler, faster, harder-to-detect methods.
Home Office analysis indicates it is highly likely that a terrorist attack in the UK would now be carried out by an individual or small cell using a low-sophistication methodology. The most probable attack types include:
Complex attacks involving explosives or organised cells remain possible, but the barriers to planning and executing them give security services more opportunity to identify and disrupt them. It is the simple, spontaneous attack that is hardest to prevent and easiest to miss.
This has direct implications for how organisations train their staff. A colleague who knows what to look for, understands the principles of Run, Hide, Tell, and can respond calmly in the first minutes of an incident is a genuine line of defence. Passive perimeter controls alone are not enough.
The Terrorism (Protection of Premises) Act 2025, widely known as Martyn’s Law, received Royal Assent on 3 April 2025. Named in memory of Martyn Hett, who was killed in the Manchester Arena attack in May 2017, the legislation places a legal duty on organisations responsible for qualifying premises and events to take proportionate steps to protect the public.
The Act introduces two tiers of obligation:
Compliance will be overseen by the Security Industry Authority (SIA), which has been formally appointed as the national regulator. The SIA will issue statutory guidance, run a notification and registration system for in-scope premises, carry out inspections, and take enforcement action where necessary.
The implementation period is underway and is expected to conclude in 2027. Organisations that fail to comply may be subject to enforcement action, including compliance notices and financial penalties, with offences arising in specific circumstances under the Act.
The clear message from regulators is that early preparation is strongly preferable to last-minute compliance. Those who begin assessing their premises and embedding emergency procedures now will be far better placed when the SIA’s full regulatory powers come into effect.
A raised threat level and a new legislative framework are only meaningful if they prompt action. For most organisations, that action needs to happen across three areas.
First, situational awareness. Your staff are often the earliest warning sign. Colleagues who understand what radicalisation can look like, who know how to report suspicious behaviour through channels such as ACT (Action Counters Terrorism), and who have been trained to recognise pre-attack indicators are significantly more valuable than any perimeter measure that can be circumvented.
Second, physical security and hostile vehicle mitigation. The use of vehicles as weapons remains one of the most common attack methodologies in Western Europe. For venues, event spaces, and publicly accessible premises, physical protective measures and site assessments are no longer optional considerations.
Third, emergency response and staff training. A staff team that freezes in the first 90 seconds of an incident is a staff team that cannot protect itself or the people in its care. Counter-terrorism awareness training, including Run Hide Tell procedures and incident management protocols, should be embedded across all roles, not limited to security personnel.
Ubique Risk Management works with organisations across the public and private sectors to build genuine protective security capability. Our services are designed to be practical, evidence-based, and proportionate to the actual threat picture your organisation faces.
Our counter-terrorism consultancy covers site assessments, hostile vehicle mitigation planning, and protective security strategy. Our Training Academy delivers accredited courses including:
If your organisation has not yet reviewed its preparedness in light of the current threat level or begun planning for Martyn’s Law compliance, now is the time to start. The regulatory clock is running, and the threat environment is not waiting.
Speak to our team to discuss how we can support your organisation.
Sources: MI5 (mi5.gov.uk), Counter Terrorism Policing (counterterrorism.police.uk), Home Office Official Statistics, ProtectUK (protectuk.police.uk), House of Commons Library. All data correct as of June 2026.
