Visit Gauntlet AR Network open in new tab

Resolve to Become a Tougher Cyber Crime Business Target

If there is one New Year resolution that British businesses need to make before the end of 2025, it is to make themselves “as hard a target as possible” for cyber criminals.  Why?  Well, it’s what the National Cyber Security Centre (NCSC) has told them to do.

This advice should be taken on board by businesses of all sizes, as all are on the radar of cyber criminals.  Often, these criminals want to leverage ransom payments and they do not care where their income comes from.  43% of businesses surveyed suffered an attack in the last 12 months, according to the last Cyber Security Breaches Survey.

There were a record number of 204 nationally significant cyber attacks in the year to September 2025.  But also, 18% of micro businesses, 25% of small businesses, 42% pf medium-sized enterprises and 52% of large corporate bodies suffered a cyber attack, according to the NASC’s last report.

 

The threat phishing poses for businesses of all sizes

 

Cyber criminals are going ‘phishing’ with great ease these days, thanks to AI tools that polish their emails and remove tell-tale signs that used to signify that an email was fake.  Their English is much better and more natural; their logos are now spot-on.  It is much harder to detect what is real and what is fake, unless you are on your guard.  85% of businesses have experienced phishing during a breach.[i]

Yet despite this increased threat, businesses still have massive gaps in their protection strategies.  Only four-in-ten (40%) are using two-factor authentication, to give them a greater defence against cyber criminals.  Only 29% are carrying out cyber risk assessments.  Less than a third (31%) have their staff use a VPN (virtual private network), if using their laptops outside of the office and utilising public Wi-Fi. The usage is even lower for charities (20%).

 

Being prepared for a business cyber attack

 

Despite the huge implications that accompany a data breach, it is also notable that only 32% have any access to guidance that will tell them when they need to report a breach externally.  Only just over half of businesses have factored cyber downtime into business continuity plans.

For all these reasons, businesses need to toughen up as targets but also consider the ‘what if?’ scenario, which is an ever-present threat.

To help do that, they could do more to put the safety net of cyber insurance in place.  Not only will this help protect the business from financial losses and downtime, in the event of an attack, it will also provide the prompts that they need, to up their cyber security.

 

Getting help after a cyber attack

With a good cyber insurance policy in their locker, a business is not left stumbling around in the dark when an attack occurs.  They instantly know who to contact to get help.  They can quickly identify how the attack occurred and plug those gaps, limiting the damage.  Advice on who to advise, and how to do it, is available.  Rather than trawling through search engines trying to find someone who can help, all they need do is contact their insurer and let real anti-cyber-crime experts step in and put things right.

 

Keeping clients on-side after a cyber attack

It is often not so much about the actual cost that would accompany a ransom demand or system damage but the loss of business that occurs whilst systems are down and out of action.  Also, which client wants to learn that a supplier has been hacked and doesn’t have a time frame with regard to putting things right and getting back to business as usual?  What does that say, at a perception level, about how much they can be trusted in other regards?

So take on board the need to become a tougher target and make that your business’s New Year’s resolution for 2025.

 

Practical cyber security steps to take in your business

 

Steps you can take are:

  • Carrying out a thorough cyber risk assessment (your insurance broker can help with this)
  • Creating a formal cyber security strategy
  • Using network firewalls
  • Ensuring all software and Apps are kept up to date
  • Using a malware detection service
  • Backing up data to the Cloud
  • Buying a VPN for business use when out of the office
  • Restricting access to passwords and admin rights
  • Using strong and regularly changed passwords
  • Training staff in cyber crime techniques and tactics
  • Making sure you use two-factor and multi-factor authentication on devices
  • Considering the impacts of a cyber attack on business continuity. Again, an insurance broker can help with this.
  • Buying comprehensive and worthwhile cyber insurance

 

Talk to our Gauntlet team today about meaningful cyber insurance that will do more than just pay out for your losses and actually give you what matters – a team at your fingertips who become your caped cyber crusaders.

You will be pleasantly surprised at just how affordable this is and soon realise it is not worth taking the risk of flying solo in a world of cyber crime, without cyber insurance back-up.

Call 0113 244 8686 or visit our local broker map at our Gauntlet Group website and find a broker that you would like to work with.

 

 

Photo by FlyD on Unsplash

 

 

 

[i] https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2025/cyber-security-breaches-survey-2025

 

<< Back to News