
Latest 2025 Cybersecurity Statistics (updated September 2025)

Cybersecurity Overview

We provide security services for businesses across industries — from Financial Services and Professional Services to Manufacturing, Retail, and beyond. We help organisations of all sizes strengthen their defences with proactive cybersecurity solutions, including endpoint protection, identity management, incident response, and cloud security. Our goal is simple: to keep your business safe, resilient, and compliant in an era where digital threats move faster than ever.

Cybersecurity has become a top boardroom priority in 2025. With nearly half of UK businesses reporting breaches in the past year, the message is clear: no organisation is too small, too local, or too niche to be a target. Attackers are evolving, adopting AI-powered tools, and exploiting weaknesses in human behaviour and cloud environments to gain entry.

The threat landscape has shifted dramatically. Traditional malware is no longer the main weapon of choice — today, 79% of intrusions are malware-free, relying instead on credential theft, social engineering, and hands-on keyboard activity that mimics legitimate user behaviour. Once inside, attackers move quickly, with breakout times measured in minutes rather than hours. For businesses, this means that detection and response speed are critical.

Cyberattacks also carry escalating financial and reputational consequences. From ransomware demands and operational downtime to regulatory fines and customer trust, the true cost of a breach goes far beyond immediate recovery. The average global cost of a data breach has reached new highs in 2025, and SMEs in the UK face average costs in the thousands per incident — a figure that can cripple unprepared organisations.

At the same time, regulatory pressure and customer expectations are rising. Strong cybersecurity is no longer just about compliance — it’s about protecting brand reputation, maintaining customer trust, and enabling safe digital transformation.

Challenges remain: skills shortages, growing attack surfaces across hybrid workforces, and the rise of AI-powered threats. But with the right governance, monitoring, and strategic support, organisations can reduce risk and build long-term resilience.

The cybersecurity revolution is already here. Businesses that invest in layered defences, rapid response, and a culture of security awareness will be the ones best positioned to thrive in a fast-moving, digital-first world.

Cybersecurity Trends 2025

Cybersecurity has advanced rapidly over the past two years, reshaping how organisations defend against increasingly sophisticated attacks. In 2025, several key trends are driving the next phase of security — focusing on speed, resilience, and smarter, AI-powered defences.

1. Malware-Free Attacks Dominate

Traditional malware is no longer the main entry point. In 2025, the majority of cyber intrusions are malware-free, with attackers leveraging valid credentials, remote monitoring tools, and hands-on keyboard activity. This makes attacks harder to detect and highlights the need for advanced monitoring and identity-centric security.

2. Breakout Times Shrink

Attackers are moving faster than ever. The average breakout time has dropped below one hour, giving defenders minutes rather than days to respond. Security teams are adopting automation, threat hunting, and real-time monitoring to close the gap and stop intrusions before they spread.

3. Ransomware Evolves

Ransomware remains a leading threat, but the focus has shifted from simple encryption to multi-stage extortion. Attackers increasingly exfiltrate data, threaten to leak it, and combine ransomware with targeted social engineering to pressure victims into paying.

4. AI-Powered Threats and Defences

Generative AI is transforming cybersecurity. On one side, criminals are using AI to create deepfakes, phishing emails, and automated scripts. On the other, defenders are leveraging AI for faster anomaly detection, predictive threat modelling, and automated incident response. AI is now a double-edged sword in security.

5. Identity and Access at the Core

Credential theft and account compromise are among the most common attack vectors. Organisations are embracing zero-trust frameworks, multi-factor authentication (MFA), and stronger identity governance to mitigate risks. However, attackers are also targeting MFA fatigue and help-desk social engineering, requiring layered defences.

6. Cloud Security Under Pressure

With more data and workloads moving to the cloud, attackers are targeting misconfigured services and stolen cloud credentials. Businesses are strengthening policies with cloud security posture management (CSPM) tools, encrypted backups, and identity-first security to protect hybrid and multi-cloud environments.

7. Regulation and Compliance Expand

Governments worldwide are tightening cybersecurity requirements. In the UK, frameworks like Cyber Essentials Plus and GDPR compliance remain critical, while new EU and US rules are increasing reporting obligations. Businesses must prioritise compliance not just to avoid fines, but to build customer trust.

8. Skills Shortages Drive Managed Services

The global cybersecurity talent shortage continues, leaving many firms struggling to recruit in-house specialists. This gap is driving demand for managed detection and response (MDR), outsourced SOC teams, and co-managed IT security to ensure businesses remain protected despite limited internal resources.

Cybersecurity in 2025 is about more than firewalls and antivirus — it’s about speed, intelligence, and adaptability. Businesses that embrace these trends, investing in layered defences and modern security strategies, will be best placed to outpace today’s enterprising adversaries.

Cybersecurity Statistics

  • 43% of UK businesses experienced a cyber breach or attack in the past 12 months.

  • £7,960 is the average cost of a serious breach for UK SMEs.

  • Global cybercrime damages are projected to reach $10.5 trillion annually in 2025.

  • The global average cost of a data breach has risen to $4.88 million — the highest on record.

  • 79% of intrusions are now malware-free, relying on stolen credentials or hands-on activity.

  • The average breakout time has dropped to 48 minutes, with the fastest attack spreading in just 51 seconds.

  • 92% of breaches involve a human factor such as phishing or credential misuse.

  • Ransomware accounts for 24% of all breaches worldwide.

  • Phishing remains the most common attack vector, impacting 83% of UK businesses that reported a breach.

  • Only 31% of UK businesses regularly test their incident response plans.

  • 35% of cloud security incidents involve valid account abuse rather than malware.

  • Credential theft is now the leading cause of identity-related breaches globally.

  • Cybersecurity skills shortages remain severe, with an estimated 3.5 million unfilled jobs worldwide.

  • AI-powered phishing emails are 4x more likely to be clicked than human-written ones.

  • Regulatory compliance is tightening, with more organisations adopting Cyber Essentials Plus, ISO 27001, and GDPR readiness as standard.

  • SMEs are increasingly outsourcing security operations, with managed detection and response (MDR) one of the fastest-growing services.

 

Cybersecurity is no longer a “nice to have” — it’s a business-critical investment. From phishing attacks and ransomware to cloud credential theft and insider risks, the scale and speed of modern threats demand proactive defence. Whether you’re an SME or a large enterprise, the right IT partner makes all the difference in keeping systems secure, compliant, and resilient.

 

When choosing a cybersecurity provider, look for best-practice frameworks, proven incident response capabilities, and solutions tailored to your sector. See our IT Support & Strategy page for more information.

Case Study: Deepfake Fraud

Background

In 2024, a multinational finance company became the victim of a highly sophisticated cyberattack. Criminals used generative AI to clone the CFO’s voice and video, creating convincing deepfakes that were almost impossible for staff to distinguish from the real person. Over the course of the scam, employees were persuaded to transfer $25.6 million into attacker-controlled accounts.

The company had invested in traditional defences such as email filtering and phishing awareness training. However, this attack bypassed those safeguards by exploiting trust, urgency, and authority — hallmarks of advanced social engineering.

Attack Method

1. AI-Powered Deepfake Fraud

  • Challenge: The attackers needed to overcome the company’s existing multi-level fraud prevention measures, which included financial controls and employee training.

  • Solution: By combining video and audio deepfakes with urgent messaging, attackers were able to trick multiple staff members into believing they were following legitimate CFO instructions.

2. Exploiting Human Factors

  • Challenge: Even well-trained employees can struggle to challenge senior executives in high-pressure situations.

  • Solution: Attackers leveraged social engineering psychology — urgency, authority, and fear of escalation — to push transactions through without proper scrutiny.


Outcomes

❌ Financial Loss: The company transferred $25.6 million to attacker accounts.
❌ Reputational Damage: News coverage highlighted the company’s lack of safeguards against AI-driven threats.
❌ Regulatory Scrutiny: Questions were raised around internal controls and governance.
 

Conclusion

This case demonstrates how AI-powered social engineering is outpacing traditional defences. Businesses must go beyond awareness training by implementing layered protections such as:

  • Multi-person approvals for high-value transactions

  • Deepfake detection technologies

  • Advanced fraud monitoring tools

 

The lesson is clear: cybersecurity in 2025 must account for both technical and human vulnerabilities.

Notable Changes in Cybersecurity (2024-2025)

Cybersecurity has undergone a major evolution in just two years, moving from a reactive discipline to a strategic business priority. Here are the most significant changes shaping the security landscape:

1. From IT Concern to Boardroom Priority

In 2023, cybersecurity was still often viewed as an operational IT function. By 2025, it has become a core business issue, regularly discussed at board level due to its impact on reputation, compliance, and financial stability.

 

2. Malware-Free Attacks Become the Majority

In 2023, malware was still a dominant tool for attackers. By 2025, 79% of intrusions are malware-free, with adversaries relying on valid credentials, social engineering, and legitimate tools. This marks a fundamental shift in how organisations must detect and respond to threats.

 

3. Breakout Times Collapse

In 2023, defenders typically had an hour or more to contain lateral movement. By 2025, attackers can spread within minutes — with the fastest breakout observed at just 51 seconds. This shift highlights the need for automation and real-time monitoring.

4. Ransomware Becomes Multi-Layered

While ransomware was already a threat in 2023, by 2025 it has evolved into triple-extortion campaigns: encrypting data, stealing sensitive information, and threatening public leaks. Attackers are also targeting backups and cloud services, forcing businesses to rethink continuity strategies.

 

5. AI Changes the Game — for Attackers and Defenders

Generative AI was emerging in 2023, but by 2025 it’s firmly embedded in cyber operations. Attackers are using AI to create deepfakes, write scripts, and generate phishing campaigns with dramatically higher success rates. At the same time, defenders are adopting AI-driven detection and response tools to keep pace.

 

6. Cloud Security Takes Centre Stage

In 2023, cloud misconfigurations were a rising concern. By 2025, cloud account compromise and credential abuse account for over a third of incidents, making identity-first security and zero-trust frameworks a top priority.

 

7. Compliance and Regulation Tighten

Over the past two years, regulators have stepped up requirements for reporting breaches and maintaining robust security frameworks. Businesses are increasingly adopting Cyber Essentials Plus, ISO 27001, and sector-specific standards as baseline expectations.

8. Managed Security Services Surge

With the cybersecurity talent gap widening, more businesses have turned to managed detection and response (MDR) and outsourced SOC support. Between 2023 and 2025, demand for co-managed security services has accelerated, especially among SMEs.

In just two years, cybersecurity has shifted from a reactive shield to a strategic enabler of business resilience. Companies that adapt to these changes are not only reducing risk but also building the trust and agility needed to thrive in an unpredictable digital landscape.

How IT Desk stay up-to-date with Cybersecurity Threats

At IT Desk, staying ahead of cyber threats isn’t just something we talk about—it’s built into how we work every day. We know that the security landscape changes by the minute, so keeping pace with the latest risks and defences is critical to protecting our clients.

But our learning doesn’t stop there.

We have a dedicated Information and Security Manager who leads our approach to threat intelligence. He is currently expanding the team in preparation for the launch of SAINT—our brand-new, in-house developed cybersecurity software (more on this coming soon—watch this space). His work goes beyond day-to-day monitoring: he’s constantly engaging with the wider security community, reviewing trusted sources like the NCSC and NIST, and keeping a close eye on specialist security forums.

Professional development is also key. Our security manager regularly attends some of the world’s leading cybersecurity conferences, including SteelCon in Sheffield and DEF CON in Las Vegas, to gain first-hand insight into the latest tools, tactics, and trends being used by both defenders and attackers.

Inside IT Desk, we embed this knowledge into our everyday practices. From internal security briefings and incident response drills to staff awareness training and technical showcases, we make sure our entire team understands the latest threats and how to respond to them.

 

Our commitment to continuous learning means we don’t just deliver security as a service—we live and breathe it. That’s how we help our clients stay safe, compliant, and resilient in an ever-changing digital world.

IT Desk's Cybersecurity Policies

At IT Desk, security is not an afterthought - it's embedded in everything we do. Our policies are built on globally recognised standards and are regularly reviewed to ensure they reflect the latest threats, technologies, and compliance requirements.

 

Our Certifications

  • ISO 27001: Demonstrates our commitment to rigorous information security management, covering data protection, access controls, and risk mitigation.

  • ISO 9001: Ensures our processes are quality-driven, consistent, and continuously improving, giving clients confidence that security and service excellence go hand in hand.

 

Key Policy Areas

  1. Access Control & Identity Management
    Strict access policies, multi-factor authentication, and a zero-trust framework ensure that only authorised users can access sensitive systems.

  2. Data Protection & Privacy
    Encryption, backup, and retention policies safeguard client data in line with GDPR and other regulatory requirements.

  3. Incident Response & Business Continuity
    Pre-defined incident response procedures and disaster recovery plans minimise downtime and help clients recover quickly in the event of an attack.

  4. Employee Awareness & Training
    Regular training ensures staff understand how to spot phishing attempts, manage credentials securely, and follow best practices.

  5. Vendor & Supply Chain Security
    We vet and monitor third-party providers to ensure they meet the same security standards we uphold internally.

  6. Continuous Monitoring & Improvement
    Threat detection tools, audits, and security reviews keep our defences up to date and aligned with the latest best practices.

 

Our Approach

Policies alone don’t stop attacks — culture does. At IT Desk, every team member plays a role in maintaining security, from the help desk to senior leadership. By embedding compliance, training, and accountability into our daily operations, we ensure that security isn’t just documented — it’s lived.

Headline Cybersecurity Statistics

  • 43% of UK businesses experienced a cyber breach or attack in the past 12 months.

  • £7,960 is the average cost of a serious cyber breach for UK SMEs.

  • Global cybercrime costs are expected to reach $10.5 trillion annually by the end of 2025.

  • 79% of cyber intrusions are now malware-free, relying on stolen credentials or hands-on activity.

  • The average breakout time dropped to 48 minutes, with the fastest observed at just 51 seconds.

  • 92% of breaches involve a human factor such as phishing or credential theft.

  • Ransomware accounts for 24% of all breaches worldwide.

  • Only 31% of UK businesses regularly test their incident response plans.

  • The global average cost of a data breach is $4.88 million – the highest on record.

  • Phishing remains the most common attack method, affecting 83% of UK businesses that reported a breach.


FAQs about Cybersecurity

What is the biggest cybersecurity threat in 2025?

The most common threats in 2025 are phishing attacks, credential theft, and ransomware. Increasingly, attacks are malware-free, meaning criminals use stolen logins or legitimate tools to move inside a network undetected.

How much does a cyber attack cost a business?

In 2025, the average cost of a serious cyber attack for a medium-sized UK business is estimated at £4.3 million. For small businesses, the average cost ranges from £3,398 to £5,001, depending on size and impact. These figures include direct financial losses, recovery expenses, legal fees, and reputatio

How can small businesses protect themselves from cyber attacks?

SMEs should focus on the basics: multi-factor authentication (MFA), regular software patching, strong password policies, staff training, and secure backups. For many smaller firms, outsourcing to a trusted IT security partner ensures enterprise-grade protection without the overhead.

What does “zero trust” mean in cybersecurity?

Zero trust is a security model based on the principle of “never trust, always verify.” Instead of assuming users or devices inside the network are safe, zero trust continuously checks identity, access rights, and device health before granting access.

Is AI making cyber attacks worse?

Yes — criminals are using AI to create deepfakes, realistic phishing emails, and automated attack scripts. At the same time, AI is also helping defenders by powering faster threat detection and automated incident response. AI is now a double-edged sword in cybersecurity.

How quickly should a business detect and respond to an attack?

In 2025, the average breakout time (how quickly attackers spread once inside a network) is just 48 minutes. Businesses need tools that can detect suspicious activity in minutes, not hours, to contain threats before they cause serious damage.

Do cyber criminals target small businesses?

Absolutely. Nearly half of UK businesses reported a cyber attack in the last year, and SMEs are often seen as easier targets because they have fewer in-house defences.

What frameworks or certifications help prove security?

In the UK, widely recognised frameworks include Cyber Essentials, Cyber Essentials Plus, ISO 27001, and sector-specific compliance standards. Achieving these shows customers and regulators that your business takes security seriously.

What should a company do first after a cyber attack?

If you suffer an attack, the priority is to isolate affected systems to stop further spread. Next steps include engaging your IT/security team, notifying affected stakeholders, checking backups, and assessing legal/regulatory reporting obligations. Having a pre-tested incident response plan is essential.

Do I need cyber insurance if I already have strong security?

Yes. Even with the best security in place, no defence is 100% effective. Cyber insurance provides an added layer of protection by covering costs such as legal fees, data recovery, customer notifications, and business interruption. Think of it as a safety net that complements your security measures, not a replacement for them.


Written by:

Steve Harper

Commercial Director

Sources

UK Government, IBM, CrowdStrike, Verizon, Cybersecurity Ventures, Fortinet, World Economic Forum, SentinelOne, National Cyber Security Centre, National Institute of Standards and Technology (NIST)
