The Department for Science, Innovation & Technology published its annual Cyber Security Breaches Survey on 10 April.
The Survey covers a wide range of topics, from policies, processes and approach to cyber security by UK businesses and charities, to the prevalence and impact of breaches, incident response, and the evolving threat of cybercrime.
Here our Cyber team provide a bitesize report into their key takeaways from the Survey – covering breach statistics for the year to best practices and some easy wins for organisations to mitigate cyber risk.
Key takeaways:
- In the past year, 43% of businesses and 30% of charities reported experiencing cyber security breaches or attacks, with phishing being the most common type of attack. This highlights the need for robust defences and effective staff training to mitigate these threats.
- There has been an increase in small businesses adopting cyber hygiene practices, such as cyber security risk assessments, cyber insurance, and formal cyber security policies. However, high-income charities have shown a reduction in these activities, likely due to budget constraints.
- While cyber security remains a high priority, only 27% of businesses have a board member responsible for cyber security, down from 38% in 2021. Additionally, only a small percentage of businesses and charities review risks posed by their supply chain, indicating a need for improved risk management procedures.
To delve deeper into the findings and recommendations from the Cyber Security Breaches Survey 2025, and to understand how your organisation can enhance its cyber security measures, read the full report.
