Horizon3.ai, a leading cybersecurity company, has released its highly anticipated report titled “Cyber Security Report 2024/2025” for the United Kingdom. The report, which surveyed 150 UK organizations, reveals concerning trends in the country’s cybersecurity landscape.
According to the report, at least half of UK organizations are neglecting to assess their operational cyber risks, despite the increasing threats in the cybersecurity landscape and the requirements of regulations such as DORA and NIS2. Keith Poyser, Vice President for EMEA at Horizon3.ai, highlights the importance of regular assessments in protecting organizations from potential threats and complying with modern legislation.
Poyser states, “Regular assessment of operational cybersecurity is essential to meet both current and forthcoming legal requirements for IT security. This includes the Cyber Security and Resilience Bill, set to be introduced to Parliament this year, alongside European regulations like the Cyber Resilience Act (CRA), which also impact UK organizations working with EU partners.”
The report also reveals that only 23% of the companies surveyed regularly conduct risk assessments of their IT infrastructure to determine how vulnerable they are to cyberattacks. This is a concerning statistic, considering the government’s Cybersecurity Breaches Survey 2024 estimated that UK businesses had experienced approximately 7.78 million cybercrimes within 12 months.
Poyser warns that neglecting to assess cyber resilience puts companies at considerable risk, stating, “Limiting penetration testing, getting a true attacker’s perspective, of your computing and cloud environments to just once a year borders on negligence.”
The report also highlights a concerning imbalance in cybersecurity strategies, with 34% of companies solely relying on defensive measures without actively testing their resilience. Only 7% regularly engage in structured Red and Blue Team testing, and 15% recognize the need for offensive security but lack the know-how to implement it.
Horizon3.ai’s cloud-based platform, NodeZero, offers regular penetration testing to organizations and public authorities, making it accessible to mid-sized companies. The platform continuously monitors the cybercrime landscape and provides tailored recommendations for remediation.
Horizon3.ai urges organizations to shift from a defensive to a proactive offensive approach to tackle cybersecurity crises. The company emphasizes the importance of regular assessments and proactive measures in meeting rising regulatory demands for cyber resilience in Governance, Risk & Compliance (GRC).
For more information, please visit the Horizon3.ai website or contact the PR agency euromarcom public relations GmbH.