Did you know that the 2024 UK Government Cyber Security Breaches Survey revealed that 50% of UK businesses had suffered a cyber-attack or security breach in the previous 12 months, representing an increase from 39% in 2022?

It’s usually the bigger incidents that hit the news:

The 2023 ransomware attack on the British Library, which has been described as one of the worst cyber incidents in British history. The attackers demanded 20 bitcoin (approximately £596,000), and when the library refused to pay, they released around 600GB of stolen data online. The attack cost the library an estimated £6-7 million to recover from (around 40% of its financial reserves), and the main catalogue remained offline for months, with partial restoration only beginning in January 2024.

In April 2025, M&S issued a formal statement acknowledging a cyber incident. M&S quantified the hit at roughly £300 million in lost profit, with forecasts showing online sales disruptions lasting into July. The company resumed taking online orders for some clothing lines on 10 June 2025, after a 46-day hiatus. As a result, the market value of M&S plummeted by over £700 million, with the company facing estimated losses of £40 million per week due to the attack.

Royal Mail’s parent organisation, International Distributions Services plc (IDS), spent a total of £10m on remediation and systems resilience improvement in the wake of a ransomware attack on its systems.

But it’s not just major companies that experience cyberattacks. The shocking reality is that over 560,000 new cyber threats are discovered daily, and 81% of all UK businesses that suffer from a cybersecurity attack are small and medium-sized businesses. The sad news is that 97% of businesses that suffer a cyberattack could have been protected if they had a modern and comprehensive cybersecurity solution in place.

According to the Cybersecurity & Infrastructure Security Agency (CISA), 74% of all breaches begin with a social engineering attack, which includes email phishing and vishing (voice phishing). When these tactics are used together in coordinated campaigns, the success rate of the attack increases to around 75%.

Unfortunately, a business is only as strong as its weakest link. Are you confident that your team knows how to practice online safety? Will they know how to respond appropriately if they’re placed in a compromising situation?

Education is one of the most important steps in ensuring cybersafety. That’s why we’re recommending a two-step approach:

1. Security Awareness Training, which teaches your team valuable skills they can use to keep themselves – and your company – safe online.
2. Complete Cloud Secure, which includes web security, URL filtering, anti-malware software, cloud application security, and email security.

The good news is that 90% of ransomware attacks fail or result in zero losses for the victim when proper defences are in place. Get in touch, and we’ll help you decide whether Security Awareness Training and Complete Cloud Secure are right for your business.

Get in touch for a no-obligation call.