Cyber Resilience Bill & Key Takeaways from our Future-Proof Event
On 12 November 2025, the Department for Science, Innovation & Technology (Gov.uk) released new research in the Cyber Resilience Bill. It explores the economic impact of cyber attacks and the findings underline just how urgent this issue has become for UK businesses.
Here are some of the most concerning insights from the report:
- The UK is now the most targeted country for cyber attacks in Europe, making cyber resilience a national priority.
- The National Cyber Security Centre (NCSC) managed 204 significant or highly significant cyber incidents in the year to September 2025.
- 43% of UK businesses experienced a cyber security breach or attack last year - equivalent to more than 600,000 organisations.
- The scale of digital exposure is growing rapidly: from 50 billion connected devices in 2020 to a projected 500 billion by 2030.
- A significant cyber attack now costs a UK business an average of £195,000
- The highest average impacts fall on some of the UK’s best-performing sectors, including information, management, entertainment, manufacturing and financial. The typical cost for a manufacturing business, all in, is estimated at £330k and for financial sector - £309,000.
Future-Proof Event: Key Reflections
Yesterday, we hosted our own Cyber Security Seminar ‘Future-Proof’, welcoming guests from a wide range of industries - manufacturing, construction, finance, e-commerce, healthcare, veterinary and professional services.
Our seminar was led by keynote speaker Leigh Cockell, CISM, CC from ConnectWise, one of the industry’s leading cyber security experts. It’s safe to say our minds were blown. Leigh demonstrated just how quickly attackers can infiltrate a system, how AI is accelerating the pace of threats, and why proactive planning is more critical than ever.
One guest summed it up perfectly:
“Highlighted the crazy world we live in and the potential threats our businesses are open to without the correct protection against cyber-attacks.”
It encouraged everyone in the room to reflect on their own practices, their preparedness, and where improvements can be made.
As a security-first MSP, we deliver a layered protection stack across our client base, and it was encouraging to hear long-standing partners share how much value they place in having a dedicated IT team watching over them. But the day also highlighted that cyber security is never “finished.” It is a continual process of improvement.
Key Takeaways for SMEs
Every organisation—regardless of size—can improve its resilience by focusing on the following:
- Prioritise cyber hygiene across the organisation, ensuring that basic controls are consistently maintained.
- Work with a trusted IT provider who can deliver the right security tools, monitoring, backup and disaster recovery strategy.
- Assess the financial impact that a serious attack could have and factor this into risk planning.
- Invest in Security Awareness Training, including phishing simulations and ethical-hacking-based exercises to keep staff vigilant.
- Develop and test an incident response plan, so your team knows exactly how to act during a crisis.
- Explore Cyber Essentials certification. Organisations with Cyber Essentials see 92% fewer insurance claims, and if you have CE, you get £25,000 of cyber insurance cover.
- Consider standalone cyber insurance as an added layer of protection.
Our event and the release of the Cyber Resilience Bill this week are both powerful reminders that cyber resilience isn’t optional - it’s an essential part of safeguarding every modern organisation.
Cyber Security Awareness Training (SAT) - Call 0800 368 7730
