As UK Confronts Cyber Emergencies, Offensive Security Takes on Vital Role

London, 8 December 2025 – The United Kingdom has seen a dramatic surge in major cyberattacks throughout 2025, with a 50% increase in frequency and sophistication. This trend has caused significant operational disruption and mounting economic damage, prompting the government to urge organisations to prioritise cybersecurity at board level.

The National Cyber Security Centre (NCSC) released its Annual Review 2025, covering the period from September 2024 to August 2025, which revealed that it handled 204 nationally significant cyber incidents. This is a significant increase from the previous year and highlights the severity of the situation. The review also reported an alarming rate of four high-impact attacks per week, capable of disrupting essential services and causing widespread operational and economic disruption. In the worst-case scenarios, these attacks could even compromise critical national infrastructure. As a result, the government is calling for stronger action from organisations to protect the UK economy and make cyber resilience a top priority.

The economic impact of these attacks is also a cause for concern. The recent cyberattack against Jaguar Land Rover, estimated to be the largest in UK history, has been reported to cost the UK economy £1.9 billion. This forced the company to shut down systems across its factories and offices, with ripple effects extending to as many as 5,000 organisations in its supply chain.

Richard Horne, Chief Executive of the NCSC, issued a warning, stating, “Cybersecurity is now a matter of business survival and national resilience. The best way to defend against these attacks is for organisations to make themselves as difficult a target as possible.”

In order to become “harder targets,” organisations must adopt an offensive, attacker-like mindset, according to Keith Poyser, Vice President for EMEA at Horizon3.ai. Poyser explains, “Organisations must think faster than potential attackers. Continuous, autonomous pentesting is the only reliable way to determine whether hackers can break in and whether an organisation’s security controls are genuinely effective. It is crucial to validate defences in the context of your environment, rather than relying on generic vulnerability lists.”

Traditional penetration testing, which has been used for decades, is no longer sufficient in today’s rapidly evolving threat landscape. It is often conducted only annually or quarterly and solely by humans. This is why Horizon3.ai’s NodeZero® Offensive Security Platform, which allows for continuous, autonomous pentesting, is becoming increasingly popular among organisations. With this platform, businesses can emulate attacker techniques in live environments and seamlessly integrate them with agile and DevOps workflows, aligning security testing with modern software development and deployment processes.

Unfortunately, many organisations are still relying solely on defensive measures to protect against cyber threats. Horizon3.ai’s own Cybersecurity Report UK 2024/25, which collected responses from managers with IT-level responsibility in 150 UK organisations, confirms this. The report found that 34% of organisations only use defensive measures, 21% focus on defence but occasionally conduct offensive exercises, and only 12% conduct offensive exercises internally. A further 15% were unsure how to approach this, while 18% outsource offensive exercises entirely.

When asked which technology, solution, or practice would significantly improve their security, 12% of respondents said they would want more budget, while 37% said they want to know exactly where they are vulnerable so they can proactively address weaknesses, indicating the need for autonomous penetration testing. Additionally, 26% responded that they would need to convince leadership that cybersecurity must be a top priority.

The government, industry regulators, and customers are increasingly calling for CEOs, boards, and senior leaders to take personal ownership of cyber risk. This shift reflects a broader recognition that cybersecurity is now a critical component of organisational stability, operational continuity, and economic resilience.

In this context, penetration testing plays a pivotal role in meeting these heightened expectations and has become a cornerstone of both operational and economic resilience. By continuously validating defences, organisations can reduce their Mean Time to Remediate (MTTR), lower the cost of fixing weaknesses, and significantly strengthen their overall security posture. Regular testing also supports risk-based vulnerability management, enhances audit readiness, and creates a verifiable record of due diligence, ultimately easing the burden of compliance.

Due care and due diligence are two fundamental principles that form the backbone of effective risk management in cybersecurity. Due care refers to the proactive steps an organisation takes to protect its systems, data, and users, such as enforcing security policies, fixing weaknesses, and carrying out regular risk assessments. Due diligence, on the other hand, is the ongoing validation of whether those protective measures are actually working. It involves activities such as penetration testing, reviewing third-party risks, and verifying alignment with industry standards. Together, they ensure that organisations are not only implementing safeguards but also continuously confirming their effectiveness.

Keith Poyser concluded, “Continuous pentesting is central to this process, providing the evidence organisations need to demonstrate their cyber resilience.”
