The Government's 2025/2026 Cyber Security Breaches Survey makes for sobering reading: 43% of UK businesses — roughly 612,000 organisations — reported a cyber breach or attack in the past 12 months, with an estimated 5.19 million cybercrimes overall. Phishing remains by far the most common and most disruptive type of attack.

What stands out is how little the headline numbers move year to year. Awareness is high; consistent action is not.

The gaps the survey keeps finding

  • Only around a third of businesses have board-level responsibility for cyber security.
  • Just 15% review the risks posed by their immediate suppliers, and only 6% look at the wider supply chain.
  • Smaller businesses are, in some areas, going backwards on the basics.

How not to become a statistic

  1. Get the fundamentals certified with Cyber Essentials — it stops the majority of common attacks.
  2. Train staff to spot phishing, and back it with phishing-resistant MFA.
  3. Assign clear ownership of cyber security at leadership level.
  4. Extend your security expectations to your suppliers.

As a Cyber Essentials Plus certified provider, we help Greater Manchester businesses turn awareness into action. Get in touch.

Source: Nearly half of UK businesses experiencing cyber security breaches — HR News