Last year, roughly 612,000 UK businesses got hit.
A pragmatic, lightly cynical readout of the official numbers, written for the people who actually run the businesses being targeted. No vendor pitches. No vague "the threat landscape is evolving" nonsense. Just the data, the patterns, and what the survey is quietly trying to tell you.
Things did not get better.
The headline number, 43% of UK businesses experienced some kind of cyber breach or attack in the last twelve months, is exactly the same as the year before. Ransomware reports actually fell from 3% to 1% of businesses. But for the small minority who do get properly hit, the consequences look meaner than last year. Loss of revenue jumped from 2% to 5%. Reputational damage tripled from 1% to 3%.
Size profile
Bigger means more breached. Click each tier.
The phishing monopoly
Among organisations that experienced any kind of breach, 88% experienced phishing. The proportion experiencing only phishing and nothing else rose from 45% to 51%. Everything else has shrunk against it.
Hygiene telemetry
What everyone has, what everyone is missing, and what is quietly regressing.
Readiness gauge
Tick what you already have. The gauge fills as you go.
- ✓MFA on email, admin, and finance systems
- ✓Staff have a real way to report phishing
- ✓Backups are tested, not assumed
- ✓Admin rights are restricted
- ✓One-page incident response plan exists
- ✓Critical suppliers have been reviewed
- ✓AI usage has rules
- ✓Logs are monitored somewhere useful
GHOSTLINE covers every gap in this survey.
INBOX stops phishing. TRACE monitors endpoints. BASELINE tracks compliance. WATCH tells the board what matters.
Request access