Latest Cybersecurity Statistics (updated April 2026)

Cybersecurity Statistics

• Around 40–45% of UK businesses report experiencing a cyber breach or attack each year.

• The average global cost of a data breach exceeds $4.5 million, continuing to rise annually.

• Global cybercrime damages are projected to reach over $10 trillion per year by 2025.

• Most cyberattacks are now malware-free, relying on stolen credentials, phishing, and human error.

• Human factors contribute to 80–90% of breaches, making user awareness a critical defence layer.

• Ransomware remains a major threat, accounting for a significant share of global cyber incidents.

• Phishing continues to be one of the most common attack methods affecting organisations worldwide.

• Fewer than one-third of organisations regularly test their incident response plans.

• Credential theft is a leading cause of breaches, particularly in cloud and hybrid environments.

• Cybersecurity skills shortages persist, with millions of roles unfilled globally.

• Regulatory pressure is increasing, with organisations adopting frameworks such as Cyber Essentials, ISO 27001, and GDPR.

• Many businesses are turning to managed security services and MDR to strengthen their cyber defences.

Cybersecurity is no longer a “nice to have”—it is a business-critical investment. From phishing and ransomware to identity-based attacks and cloud vulnerabilities, the scale and sophistication of modern threats require a proactive, layered approach to defence.

When choosing a cybersecurity provider, organisations should prioritise proven frameworks, strong incident response capabilities, and solutions tailored to their industry. See our IT Support & Strategy page for more information.

Case Study: Deepfake Fraud

Background

In 2024, a multinational finance company became the victim of a highly sophisticated cyberattack. Criminals used generative AI to clone the CFO’s voice and video, creating convincing deepfakes that were almost impossible for staff to distinguish from the real person. Over the course of the scam, employees were persuaded to transfer $25.6 million into attacker-controlled accounts.

​

The company had invested in traditional defences such as email filtering and phishing awareness training. However, this attack bypassed those safeguards by exploiting trust, urgency, and authority — hallmarks of advanced social engineering.

​

Attack Method

1. AI-Powered Deepfake Fraud

• Challenge: The attackers needed to overcome the company’s existing multi-level fraud prevention measures, which included financial controls and employee training.

• Solution: By combining video and audio deepfakes with urgent messaging, attackers were able to trick multiple staff members into believing they were following legitimate CFO instructions.

2. Exploiting Human Factors

• Challenge: Even well-trained employees can struggle to challenge senior executives in high-pressure situations.

• Solution: Attackers leveraged social engineering psychology — urgency, authority, and fear of escalation — to push transactions through without proper scrutiny.

Outcomes

❌ Financial Loss: The company transferred $25.6 million to attacker accounts.
❌ Reputational Damage: News coverage highlighted the company’s lack of safeguards against AI-driven threats.
❌ Regulatory Scrutiny: Questions were raised around internal controls and governance.
 

Conclusion

This case demonstrates how AI-powered social engineering is outpacing traditional defences. Businesses must go beyond awareness training by implementing layered protections such as:

• Multi-person approvals for high-value transactions

• Deepfake detection technologies

• Advanced fraud monitoring tools

The lesson is clear: cybersecurity in 2025 must account for both technical and human vulnerabilities.

Notable Changes in Cybersecurity (2024-2025)

Cybersecurity has evolved rapidly in recent years, shifting from a reactive IT function to a strategic business priority. The following changes highlight how the threat landscape and security approaches have developed between 2024 and 2025.​

​

1. From IT Concern to Boardroom Priority

Cybersecurity is no longer just an operational issue. It is now a core business concern, regularly discussed at leadership level due to its impact on risk, compliance, and organisational resilience.

2. Malware-Free Attacks Become the Majority

Attackers are moving away from traditional malware. Most modern intrusions now rely on stolen credentials, social engineering, and legitimate tools, requiring organisations to focus more on identity and behaviour-based detection.

3. Attack Speeds Increase Dramatically

The time between initial access and lateral movement has shortened significantly. In many cases, attackers can escalate access within minutes, making real-time monitoring and rapid response essential.

​

4. Ransomware Becomes Multi-Layered

Ransomware attacks have evolved into more complex operations. Many now involve data exfiltration, extortion, and threats of public disclosure, increasing both financial and reputational impact.

5. AI Reshapes the Threat Landscape

AI is now embedded in both cyberattacks and defence strategies. Attackers use it to automate phishing and create more convincing threats, while organisations adopt AI for threat detection, analysis, and response automation.

6. Cloud Security Takes Centre Stage

As cloud adoption grows, so do risks related to misconfiguration and credential misuse. Identity-first security and zero-trust frameworks are becoming essential for protecting cloud and hybrid environments.

7. Compliance and Regulation Tighten

Regulatory requirements continue to tighten. Organisations are strengthening their approach to frameworks such as Cyber Essentials, ISO 27001, and GDPR, with increased focus on reporting, governance, and accountability.

​

8. Managed Security Services Surge

Ongoing skills shortages are driving demand for managed detection and response (MDR) and outsourced security operations. Businesses are increasingly relying on external expertise to maintain strong security coverage.

​

In a short period, cybersecurity has shifted from a reactive defence layer to a central pillar of business resilience. Organisations that adapt to these changes will be better equipped to manage risk, maintain trust, and operate securely in a rapidly evolving threat landscape.

How IT Desk stay up-to-date with Cybersecurity Threats

At IT Desk, staying ahead of cyber threats isn’t just something we talk about—it’s built into how we work every day. We know that the security landscape changes by the minute, so keeping pace with the latest risks and defences is critical to protecting our clients.

But our learning doesn’t stop there.

​

We have a dedicated Information and Security Manager who leads our approach to threat intelligence. He is currently expanding the team in preparation for the launch of SAINT—our brand-new, in-house developed cybersecurity software (more on this coming soon—watch this space). His work goes beyond day-to-day monitoring: he’s constantly engaging with the wider security community, reviewing trusted sources like the NCSC and NIST, and keeping a close eye on specialist security forums.

​

Professional development is also key. Our security manager regularly attends some of the world’s leading cybersecurity conferences, including SteelCon in Sheffield and DEF CON in Las Vegas, to gain first-hand insight into the latest tools, tactics, and trends being used by both defenders and attackers.

​

Inside IT Desk, we embed this knowledge into our everyday practices. From internal security briefings and incident response drills to staff awareness training and technical showcases, we make sure our entire team understands the latest threats and how to respond to them.

Our commitment to continuous learning means we don’t just deliver security as a service—we live and breathe it. That’s how we help our clients stay safe, compliant, and resilient in an ever-changing digital world.

IT Desk's Cybersecurity Policies

At IT Desk, security is not an afterthought - it's embedded in everything we do. Our policies are built on globally recognised standards and are regularly reviewed to ensure they reflect the latest threats, technologies, and compliance requirements.

Our Certifications

• ISO 27001: Demonstrates our commitment to rigorous information security management, covering data protection, access controls, and risk mitigation.

• ISO 9001: Ensures our processes are quality-driven, consistent, and continuously improving, giving clients confidence that security and service excellence go hand in hand.

Key Policy Areas

1. Access Control & Identity Management
   Strict access policies, multi-factor authentication, and a zero-trust framework ensure that only authorised users can access sensitive systems.

2. Data Protection & Privacy
   Encryption, backup, and retention policies safeguard client data in line with GDPR and other regulatory requirements.

3. Incident Response & Business Continuity
   Pre-defined incident response procedures and disaster recovery plans minimise downtime and help clients recover quickly in the event of an attack.

4. Employee Awareness & Training
   Regular training ensures staff understand how to spot phishing attempts, manage credentials securely, and follow best practices.

5. Vendor & Supply Chain Security
   We vet and monitor third-party providers to ensure they meet the same security standards we uphold internally.

6. Continuous Monitoring & Improvement
   Threat detection tools, audits, and security reviews keep our defences up to date and aligned with the latest best practices.

Our Approach

Policies alone don’t stop attacks — culture does. At IT Desk, every team member plays a role in maintaining security, from the help desk to senior leadership. By embedding compliance, training, and accountability into our daily operations, we ensure that security isn’t just documented — it’s lived.