The survey assesses the prevalence and impact of cyber breaches and attacks on UK businesses, charities and educational institutions, alongside organisations’ cyber security policies and processes.
Key insights include:
➡️ Ongoing Cyber Threats: 43% of businesses and 28% of charities reported experiencing a cyber security breach or attack in the last 12 months;
➡️ Phishing Remains Dominant: Phishing attacks continue to be the most common type of breach or attack experienced by organisations;
➡️Exposure to threats: Medium and large businesses are more likely to identify breaches or attacks compared with smaller organisations;
➡️ High-priority level: Cyber-security was considered a “high-priority” for senior management in 72% of surveyed businesses;
➡️ Incident Response Preparedness: A minority of organisations maintain formal cyber incident response plans despite persistent attack levels; and
➡️ Supply Chain Risks: The survey highlights continued concern around vulnerabilities arising from third-party suppliers and wider digital supply chains.
✅ Firms should review cyber governance arrangements, phishing controls, incident response capabilities and third-party risk management frameworks to strengthen operational resilience against evolving cyber threats.