The UK government logs over 200 "national security-level cyber incidents" a month and has said that, while none has caused serious problems yet, it is only a matter of time before they do.
This was the stark warning from Ciaran Martin, CEO of the newly established National Cyber Security Centre (NCSC), in his first public address at the Billington Cyber Security Summit in Washington.
Martin revealed that cyber attacks against the nation are a regular occurrence, but that they have so far failed to do any real damage.
"In the UK we've faced and continue to face some very serious cyber attacks. Unlike some of our allies, there has not yet been a single stand-out incident of a hostile foreign cyber attack that's resonated as a first-order national crisis with the public and media," he said.
However, he went on to say that he "knows" such an attack will take place given the proliferation of attacks.
"Last year we detected twice as many national security-level cyber incidents - 200 per month - than we did the year before," he added.
The reference to "last year" means 2015, and it seems likely that this number is now even higher as cyber attacks of all types continue to grow.
Martin noted that many attacks are "not terribly sophisticated" and can be stopped easily with the right systems in place. But this is not always the case, and he cited the TalkTalk hack in November 2015 as an example.
"Far too many of these basic attacks are getting through. And they are doing far too much damage. They're damaging our major institutions," he explained.
"A British telco hit the headlines last year and the initial speculation was around a highly sophisticated attack. But it is now believed to have been an SQL injection, a basic technique dating from the end of the last century."
Martin said that the government, through the NCSC, is looking at ways to further protect the nation and go after those behind the attacks.
This includes the notable idea of a nationwide DNS filter, effectively a giant firewall that would seek to block content or websites from being accessible through partnerships with major network firms operating in the UK.
"We're exploring a flagship project on scaling up DNS filtering. What better way of providing automated defences at scale than by the major private providers effectively blocking their customers from coming into contact with known malware and bad addresses?" he said.
"Now it's crucial that all of these economy-wide initiatives are private sector-led. The government does not own or operate the internet. Consumers must have a choice. Any DNS filtering would have to be opt out-based. So addressing privacy concerns and citizen choice is hardwired into our programme."
It is unclear how far along this project is or when it will be introduced, but such a move is notable for the top-level approach in the NCSC remit.
Martin also revealed that the UK is looking into the "lawful and carefully governed use" of offensive cyber weapons, and that the US and UK will work together on this project.
"We work very closely with US colleagues and only last week the US secretary of defence and our secretary of state for defence signed a Memorandum of Understanding to investigate jointly the advance of offensive and defensive cyber capabilities," he said.
Despite Martin's positive tone, his speech came as the National Audit Office criticised the government for a cyber strategy that lacks coherence and has too many departments with overlapping responsibilities.
Ultra-high-end all-in-one PCs from HP feature either 24-inch or 27-inch displays
Roomba 'smart' vacuum cleaner company iRobot plans to sell maps of users' homes to Apple, Amazon and Google
'Smart' products spying on their owners and selling the data for profit? Who'd have thought it!
TNT Express still struggling with NotPetya malware - crucial documents remain locked up in borked systems as staff grapple with manual procedures
TNT depots over-flowing with parcels as the company struggles to recover from NotPetya - while Reckitt Benckiser reports 'ongoing' recovery
Full roll-out of Android O expected within weeks