The UK's National Cyber Security Centre (NCSC) reports that it is now handling an average of four nationally significant cyber attacks every week — a record 204 such incidents in a single year, more than double the previous total. Its chief has warned that the threat continues to escalate, with a growing share linked to hostile nation states and AI accelerating how quickly vulnerabilities are found and exploited.
"But that's big infrastructure, not my business"
It's true the NCSC's "nationally significant" cases involve large organisations and critical services. But the same techniques — phishing, unpatched systems, stolen credentials — are used indiscriminately against businesses of every size. High-profile victims like M&S, Co-op and Jaguar Land Rover grab the headlines; thousands of smaller organisations are hit quietly every week.
The NCSC's own advice to everyone else is refreshingly practical: make yourself a harder target.
The fundamentals that do the heavy lifting
- Patch promptly and retire legacy systems.
- Multi-factor authentication on everything.
- Cyber Essentials as your baseline.
- Tested backups and a written incident-response plan.
These are the same basics we put in place for clients across Greater Manchester — unglamorous, but they stop the overwhelming majority of attacks. Get a no-obligation review.
Source: UK experiencing four 'nationally significant' cyber attacks every week — NCSC