Cyber Attacks Becoming a Nightmare for UK Businesses. Are CEOs And CISOs Playing a Cybersecurity Roulette?
30 June 2025 - Reading time: 10 minutes
Each passing day brings a new wave of cyber threats that loom over the future of business, waiting to strike at the most unfortunate moment. I was scrolling through today’s article in The Guardian, thinking “Ah, same old, same old”. But let us all stop for a moment and try to think together about what is really happening and how to break the vicious circle.
According to the UK Cyber Crime Statistics in 2025, over 560000 new cyber threats are discovered daily. Do you want more numbers? Recent figures released by the Royal Institution of Chartered Surveyors (RICS) show that an alarming one in four UK companies have suffered at the hands of cyber-attacks within just the last year alone. The predominant majority (81%) of those UK businesses that suffer from a Cyber Security Attack are small and medium-sized businesses (SMBs/SMEs). It is essential to grasp the extent of these statistics and their potentially catastrophic implications on a business's survival and reputation.
(Source: www.twenty-four.it/services/cyber-security-services/cyber-crime-prevention/cyber-crime-statistics-uk)
What lies at the heart of this growing crisis? Complacency, lack of awareness and absence of a long-term security strategy among some CEOs and CISOs are major contributing factors. Despite being aware of the looming dangers, they appear to “underestimate the enemy” and rather think about the short-term, small “demonstrable wins” (because it looks good in reports, right?), but at the same time, putting their entire companies at risk. This was exemplified by a recent high-profile attack on Marks & Spencer, which suffered weeks of downtime due to a catastrophic cyber breach that, in turn, led to a colossal financial loss. This all looks like a perilous game of cybersecurity roulette, and I am not sure if businesses can afford to play.
There is an opinion that these days, traditional antivirus software is largely useless in preventing the newer agile forms of attacks. So, can we still protect our precious business? The answer lies in taking multiple proactive measures to safeguard against modern, rapidly changing cyber threats. By implementing a series of basic yet crucial measures, businesses can significantly reduce their risks. These include regular software updates and system checks, comprehensive training programs for employees to identify potential scams, educating staff about the benefits and risks of new technologies, and ensuring that every employee is equipped with the necessary knowledge and skills to navigate this complex digital world. Do not forget to employ multiple authentication methods for enhanced security, conduct routine system checks and do prompt software upgrades, and you will put your business in a much better position.
I think it's a good “wake-up call” for leaders across all sectors to reassess their security protocols and take swift action. We must take immediate action - the costs and potential brand damage could become too high a price to pay in future. Do not wait until your business's vulnerabilities are exposed by hackers. Instead, implement basic cybersecurity measures today (and don't forget to ask professionals to come and revalidate them!).