The UK Cyber Security Breaches Survey 2025 has revealed that the proportion of UK businesses experiencing cybersecurity breaches or attacks has slightly decreased to 43% in 2025, down from 50% the previous year. This decline, according to the study commissioned by the Department for Science, Innovation and Technology (DSIT) and the Home Office, is a positive sign but does not signify a complete elimination of cyber threats.
The survey, which gathered responses from 2,180 businesses and 1,081 charities between August and December 2024, highlighted that despite the overall decrease in cybersecurity incidents, an estimated 612,000 businesses and 61,000 charities still fell victim to breaches or attacks in the past year. The prevalence of such incidents remained high among medium and large businesses, with rates standing at 67% and 74%, respectively, similar to levels reported in 2024.
Phishing attacks continued to be the most commonly reported breach type, with 85% of businesses and 86% of charities attributing incidents to phishing. This underscores the need for ongoing staff training and internal investigation to combat such attacks. Additionally, ransomware incidents saw an increase in prevalence, with 1% of businesses reporting being targeted by ransomware in 2025 compared to less than 0.5% in the previous year. This rise in ransomware incidents, approximately 19,000 in total, indicates a shift towards more sophisticated cyber threats.
The Department for Science, Innovation and Technology (DSIT) emphasized the importance of addressing evolving threats like phishing and ransomware, as well as disparities between different types of organizations to enhance cybersecurity measures. Measures such as promoting official guidance, improving incident response capabilities, encouraging transparent reporting, managing supply chain risks, and empowering boards with cyber knowledge were highlighted as crucial steps towards building a more secure and resilient cyber landscape for the UK.
The survey differentiated between general breaches and cyber crimes, with approximately 20% of businesses and 14% of charities reporting at least one cyber crime in the past 12 months. This represented around 283,000 businesses and 29,000 charities affected by cyber crimes. The average number of incidents experienced by businesses and charities due to cyber crimes was 30 and 16, respectively, with businesses estimated to have faced 8.58 million cyber crimes overall.
The financial impact of cyber incidents was also significant, with the average cost of the most disruptive breach amounting to £1,600 for businesses and £3,240 for charities. When excluding cases with no financial cost, the average rose to £3,550 for businesses and £8,690 for charities. Cybercrime costs, excluding phishing incidents, were estimated at £990 per business and £1,970 excluding cases with zero financial losses.
Moreover, incidents of cyber-facilitated fraud were reported by 3% of businesses and 1% of charities, with average costs of £5,900 per business, increasing to £10,000 when excluding cases with no financial loss. Despite some improvements in cybersecurity measures, gaps in preparedness were identified, such as low adoption rates of two-factor authentication and virtual private networks for remote access.
The survey also raised concerns about the declining trend of board-level responsibility for cybersecurity, dropping to 27% in 2025 from 38% in 2021. Experts like Proofpoint’s cybersecurity strategist for the EMEA region, Matt Cooke, expressed alarm over this development, highlighting the need for adequate prioritization of cybersecurity within organizations.
In conclusion, while the UK has made progress in certain areas of cybersecurity, the evolving nature of cyber threats necessitates continuous vigilance and improvements in cybersecurity measures to safeguard businesses and charities from malicious attacks. The findings of the Cyber Security Breaches Survey 2025 serve as a reminder of the importance of investing in robust cybersecurity practices to protect against the growing array of cyber threats in today’s digital landscape.