London, 6 August 2025 – As cyber threats in the United Kingdom continue to escalate, organisations must adapt to an ever-changing landscape of attackers that are faster, more automated, and increasingly driven by artificial intelligence. Traditional defensive measures such as firewalls and vulnerability scans are no longer enough to protect against these sophisticated attacks, leaving many organisations uncertain of their ability to withstand a real breach.
In response to this heightened risk, cybersecurity expert Keith Poyser urges organisations to incorporate autonomous penetration testing into their cybersecurity strategies. Poyser, who serves as Vice President for EMEA at Horizon3.ai, stresses the importance of regular, attacker-style testing to uncover vulnerabilities and weaknesses before they can be exploited. This proactive approach not only strengthens a company’s defenses but also builds customer trust and prepares them for stricter regulations.
The need for offensive security measures is underscored by recent high-profile cyber incidents at multiple flagship retailers in the UK. These breaches serve as a stark reminder that conventional defensive strategies are no longer enough to protect against modern cyber threats.
Despite the growing importance of cybersecurity, many organisations still rely on passive measures such as checklists and occasional vulnerability scans. This approach, according to Poyser, is like installing an elaborate alarm system in a home without ever testing it to ensure it works during a break-in. Instead, Poyser recommends regular autonomous penetration testing to identify and address any exploitable weaknesses before attackers can find and take advantage of them.
Horizon3.ai, a leading cybersecurity company, offers a cloud-based offensive security platform called NodeZero that enables organisations to conduct production-safe cyberattacks on their own IT infrastructure. This platform delivers 100% coverage, operates 18 times faster than human testers, and allows for continuous testing and remediation.
The State of Cyber Risk and Exposure 2025 report from Bitsight reveals concerning findings about the current state of cybersecurity readiness in the UK. Only 20% of the 1,000 cybersecurity and risk professionals surveyed rated their cyber risk management as “very mature.” Additionally, UK security professionals reported higher stress levels than their peers in other regions, highlighting the intense pressure of keeping pace with escalating threats.
Poyser believes that a shift in mindset is necessary for organisations to effectively defend against cyber threats. “Defending passively does not instill lasting confidence,” he says. “Organisations need to think like attackers and take a proactive and measurable approach to security.”
However, many companies still risk falling into a false sense of security. The Cybersecurity Report UK 2024/25 from Horizon3.ai reveals that nearly a quarter of organisations surveyed were unaware of any attacks in the past two years, and 8% claimed they had not been targeted at all. Poyser cautions against such assumptions, stating that it is unrealistic to believe an organisation has been completely overlooked by threat actors for an extended period.
Pentesting frequency is a crucial factor in building cyber resilience, according to the Cybersecurity Report UK 2024/25. While 60% of organisations reported conducting pentests, only 13% have adopted automated platforms, which are considered essential for testing at the pace demanded by today’s threat landscape. Poyser emphasizes the importance of regular, automated testing, stating that the more efficient and repeatable the process, the stronger the overall security posture.
Ultimately, cybersecurity testing is not just a technical exercise, but a cornerstone of business resilience. By embedding regular, proactive testing into their strategy, organisations can move forward with greater confidence, protecting both their operations and their reputation while ensuring they are well-prepared for the escalating challenges.
For more information about Horizon3.ai and their offensive security platform, NodeZero, visit their website at www.horizon3.ai.
Trademark notice: NodeZero is a trademark of Horizon3.ai.
Contact Information:
Horizon3.AI Europe GmbH
Prielmayerstrasse 3
80335 Munich
www.horizon3.ai
PR Agency: euromarcom public relations GmbH
Contact: +49 611 973150
www.euromarcom.de
Email: team@euromarcom.de
Distributed by https://pressat.co.uk/