72% of UK organisations believe AI will strengthen security in the years ahead

96% of surveyed UK business leaders from companies with revenues of £100 million+ believe that ransomware payments should be banned across both public and private sectors.

In real-world situations within the private sector, if a ransom payment ban were to take hold, 15% of UK business leaders said they would be neither likely nor unlikely to comply with such a ban.

Almost all UK respondents (98%) stated that cyber readiness and recovery will be a top spending priority.

9 in 10 UK organisations tested elements of their recovery capabilities in the last 12 months, which is a significant increase from previous years.

Just 17% of UK organisations paid the ransom following a ransomware attack.

75% of UK business leaders who believe ransomware payments should be banned admit they would still pay a ransom if it were the only way to save their organisation, even if a ban was extended to the private sector and civil or criminal penalties applied.

71% of UK organisations experienced a cyber attack in the past year.

55% of consumers in the UK don't feel adequately protected in the sharing economy (including vacation rentals and other travel-focused gig economy services).

46% of UK HR leaders reported that security concerns directly triggered their HR software purchases last year.

Nearly half (45%) of UK HR professionals are worried about privacy risks related to AI-powered HR tools, which is the highest percentage among all countries surveyed.

75% of UK HR leaders consider security a critical feature when researching and implementing HR software.

In the U.K., 58.1% of surveyed IT/security professionals reported being pressured to keep a breach confidential, even when they believed it should be reported to authorities.

In the U.K., 64%. of IT/security professionals highlighted the importance of reducing their cyberattack surface by disabling unnecessary tools or applications.

Exposure to mobile scams is highest in the US (51%) and UK (49%), and notably lower in DACH (38%).

Extortion (including ransomware) was the primary cause of cyber losses, accounting for 28% of claims.

Despite the decline from 2023, ransomware claims in 2024 remained approximately double the totals recorded for 2020, 2021, and 2022.

Although the amounts paid by UK ransomware victims continued to rise in 2024, extortion negotiations involving ransomware experts remained generally effective, often resulting in reductions of over 60% from the initial demands to the final payment.

Data breaches accounted for 17% of claims. This includes hostile and accidental external breaches, but excludes extortion.

UK cyber claims in 2024 decreased by 20% compared to the spike seen in 2023.