Not just the stuff of news headlines – UK businesses face real cyber-threats with severe consequences 

It may seem like every week there is a fresh news story related to cyber-security.

In 2025, some high profile UK businesses have suffered at the hand of cyber hackers, showing that no business is immune from risks.

The National Cyber Security Centre recently reported that 43% of UK businesses have reported a breach or cyber attack in the last 12 months – this equates to over 600,000 companies.

Take these two examples:

– Major retailer Marks & Spencer suffered a breach in April 2025, resulting in suspension of online sales for six weeks with an estimated cost of £300 million.

– Supermarket chain Co-op reported an IT system shutdown across its network, significantly disrupting its supply chain for weeks and compromising customer and member data

Our colleagues at insurance brokers Brown & Brown recently published useful insight into the type of risks that a cyber-attack presents for UK businesses.

Risk 1: Disruption to operations

If systems go down and operations are disrupted, businesses could lose customers, customer data, revenue and reputational trust

Risk 2: Data exposure

Any loss of customer data, even when payment data isn’t stolen, results in liability and brand risk

Risk 3: Supply chain ripple effect

It is easy for vulnerabilities in suppliers or partners to trickle down into your own business, as disruption spreads across the whole network and is difficult to recover from

What businesses can do: some practical steps

We have written about this before – there are some proactive and practical steps you can take that will put your business on a more secure footing. Here are the tips from the Brown & Brown team:

– Ensure your systems and software are kept up to date, including all necessary patches

– Train your teams to recognise phishing, impersonation and social engineering (psychological manipulation tactics where attackers trick people into giving up confidential information)

– Enforce strong, unique passwords and enable multi-factor authentication

– Ensure your business has a robust backup regime and a tried and tested recovery plan

– Review your supplier and vendor risks – how do they protect your data and systems?

What can Infologic IT do to help?

“Cyber-security measures are vital components of any company’s IT infrastructure. Not taking action and not having a plan just aren’t options in today’s world. We have a lot of experience and expertise and can advise our clients on how to put robust measures in place to minimise risks. Definitely pick up the phone and have a chat with us, it can be easier than you think to keep your business safer online” – Neil – Infologic IT’s Managing Director.