A recently published report commissioned by the UK’s Home Office and Department for Science Innovation and Technology (DSIT) has revealed that 43% of UK businesses and 30% of UK charities experienced a cybersecurity breach in the past 12 months.
While there was a slight fall in the number of businesses and charities suffering a cybersecurity incident, there was a significant increase in ransomware attacks. The survey was conducted on 2,180 businesses, 1,081 charities, and 574 educational institutions. Based on the number of confirmed cyber incidents, that equates to around 612,000 UK businesses and 61,000 UK charities experiencing a cyber breach or a cyberattack in the past 12 months.
While there was a slight decline in cyber incidents, which were confirmed by 50% of businesses in last year’s study, it is clear that hacking and other types of cyber incidents continue to pose a massive threat to UK businesses, with ransomware attacks of particular concern. According to the report, the estimated percentage of ransomware crime increased from less than half a percent in 2024 to 1% in 2025, which suggests that around 19,000 UK businesses experienced a ransomware incident in the past 12 months. 4% of large businesses and 3% of medium-sized businesses admitted to paying the ransom demand to recover their data and prevent its publication online.
The biggest cyber threat to UK businesses by some distance is phishing. Phishing is the fraudulent practice of sending emails or other messages that trick individuals into disclosing sensitive information such as login credentials or installing malware. Over the past 12 months, 93% of businesses and 95% of charities that experienced a cybercrime incident identified phishing as the cause of at least one of those incidents. Businesses that were confirmed victims of cybercrime in the past 12 months experienced an average of 30 cybercrime incidents in the past 12 months, with charities experiencing an average of 16 cybercrime incidents.
The credentials stolen in these attacks and the malware installed give cybercriminals initial access to internal networks. From there, they can deploy additional malware payloads and ransomware and steal sensitive data. The phishing problem is also getting worse for businesses, as cybercriminals are leveraging large language models (LLMs) to craft extremely convincing phishing emails and conduct phishing attacks at scale. These tools can be used to generate fake images, make phishing lures more believable, and make them harder to detect.
With phishing such a major threat and the high cost of dealing with each phishing incident, UK businesses and charities need to have email security defenses capable of detecting and blocking phishing threats, including those developed using AI and LLMs.
Phishing defenses should consist of anti-spam software, multifactor authentication, and end user security awareness training as a minimum. Advanced email filtering software incorporates antivirus software to identify known malware threats, email sandboxing for detecting novel malware threats, link scanning, and machine learning and AI-aided detection.
Over the past three quarters, SpamTitan from TitanHQ has consistently demonstrated in independent tests that it is capable of blocking even the most advanced threats, routinely achieving a 100% malware detection rate, and phishing and spam detection rates in excess of 99.99%.
TitanHQ also offers a comprehensive security awareness training and phishing simulation platform – SafeTitan – for improving awareness of cyber threats. When combined with phishing simulations, the platform has been shown to reduce employee susceptibility to phishing by up to 80%. The training content is enjoyable and memorable, and is delivered in training modules of no more than 10 minutes to maximize knowledge retention and make training easy to fit into busy workflows.
All TitanHQ solutions have been developed to provide powerful protection and advanced features, while also being easy to set up, configure, and use. Further, they are available at a price point that is affordable for businesses of all sizes. Give the TitanHQ team a call today to find out more about improving your defenses against phishing and other cyber threats. Further, TitanHQ’s cloud-based anti-spam service and security awareness training platform are available on a free trial, allowing you to put them to the test before making a purchase decision.