Azets Logo

New Azets Barometer shows economic risk from cyber breaches rising fast

New Azets Barometer shows economic risk from cyber breaches rising fast

A birds eye view of an employee working at their computer

Date

19 Jun 2025

Category

Cyber Security

Author

Paul Kelly

New Azets Barometer shows economic risk from cyber breaches rising fast

Large businesses in the UK are increasingly exposed to cyberattacks, with fresh data showing a clear link between company size and breach frequency – but smaller firms may be dangerously underestimating the threat.

According to the latest Azets Barometer, just 41% of large UK businesses avoided cybersecurity incidents in the past year – compared to 65% of smaller firms. Meanwhile, 13% of companies with revenues over £10 million reported multiple breaches.
Our biannual survey reveals a growing concentration of cyber risk in specific sectors. In finance, fewer than four in ten firms avoided breaches in the past 12 months. In retail and hospitality – a sector rocked by high-profile incidents – 43% stayed incident-free, with more than a third suffering at least one attack.
By contrast, lower-risk sectors like construction (80%) and healthcare (76%) reported significantly fewer breaches.
The findings come just weeks after Marks & Spencer disclosed a cyberattack expected to wipe £300 million from this year’s profits – with systems remaining disrupted for over a month. The Co-op, Harrods, and Adidas have also suffered recent attacks, highlighting the real-world impact of digital exposure.

Bigger businesses, bigger risk

Across all UK businesses, 58% reported no cybersecurity incidents, above the European average of 50%. About 26% suffered one breach, and 9% had multiple – compared to 11% EU-wide.
By revenue, the data shows a clear trend that as businesses grow and data volumes increase, so too does the frequency and impact of cyber incidents.

A growing threat that can’t be ignored

The findings show a worrying trend for ongoing cyber-attacks on the UK’s larger, data-heavy organisations. This underscores the need for continued focus on cyber resilience, especially in higher risk sectors.
Even though the majority of smaller organisations report no incidents, it’s a matter of when cybersecurity incidents occur, not if. Smaller organisations must continue to be vigilant and invest in cyber resilience measures to reduce the risk of incidents occurring.
View the full results and trends from the Spring 2025 Azets Barometer.

We are here to help

If you have any cyber security concerns or would like to discuss what your business should be doing to protect itself, please get in touch with our specialist Cyber Services team.

Get in touch

Paul Kelly

Head of Cyber Services