Cyber security breaches survey 2025 Key findings
The 2025 Cyber security breaches survey, published by the Department for Science, Innovation, and Technology, provides a clear view of how businesses in the UK are handling cyber threats.
The report covers cyber breaches and attacks in 2024, showing both progress and areas where businesses still need to improve. The survey highlights that, while cybersecurity awareness is growing, many businesses remain vulnerable to cyber risks.
Key findings for businesses include
- 43% of businesses experienced a cyber breach or attack in 2024.
- 85% of businesses were targeted by phishing attacks.
- Ransomware attacks increased, with about 19,000 businesses affected.
- Small businesses have improved their cyber security hygiene. More are adopting basic measures like risk assessments, insurance, and policies.
- 14% of businesses review the cyber security of their immediate suppliers, revealing a need for better supply chain risk management.
- Board-level responsibility for cyber security has decreased, with only 27% of businesses having a board member overseeing cyber security.
The survey shows that while some businesses are taking steps to improve their cyber policies and practices, many are still exposed to significant risks. Businesses must continue to strengthen their defences and take action to manage cyber security.
Read the full cyber security breaches survey 2025.
First published 14 May 2025
