Image Credit: Designed by Freepik
Cybersecurity Best Practices for UK Small Businesses
The latest UK government cyber security survey reveals encouraging news for the digital landscape, with reported cyber attacks against businesses dropping from 50% to 43% over the past year. This positive shift has been attributed to “observed strengthening of cyber hygiene among small businesses,” demonstrating that increased awareness and proactive security measures are making a tangible difference.
Released on April 10, 2025, by the Department for Science, Innovation and Technology (DSIT) and the Home Office, the Cyber Security Breaches Survey 2025 provides a comprehensive analysis of the UK’s cyber resilience. While phishing remains the predominant threat vector and ransomware incidents have doubled, the overall decline in successful attacks highlights the effectiveness of improved security practices among organizations.
Small Businesses in particular have made notable strides in cyber hygiene practices. The survey indicates significant year-over-year improvements, with cyber security risk assessments increasing from 41% to 48%, cyber insurance adoption jumping from 49% to 62%, formal cyber security policies rising from 51% to 59%, and business continuity plans addressing cyber security growing from 44% to 53%.
However, the picture isn’t universally positive. High-income charities showed concerning declines in key security areas compared to 2024, including fewer activities to identify cyber security risks (75%, down from 86%), less review of immediate supplier risks (21%, down from 36%), and reduced implementation of formal cyber security strategies (39%, down from 47%). Qualitative interviews suggest these downward trends may be linked to budget constraints.
The survey also revealed a significant gap between large and medium businesses in strategic planning, with 70% of large businesses maintaining formal cyber security strategies compared to just 57% of medium businesses. This disparity highlights the ongoing challenges in creating consistent security practices across organizations of different sizes.
The survey serves as a crucial tool for shaping government policy aimed at creating a more secure digital environment for UK businesses, charities, and educational institutions. It examines security policies, processes, and approaches while analysing attack patterns, impacts, and organizational responses across various sectors.