Cybersecurity trends: What businesses need to know
This blog was written as part of the 2025 Birmingham Economic Review, an annual report produced by University of Birmingham/City-REDI in partnership with the Greater Birmingham Chambers of Commerce. Read the full report.
By David Keeling, Intercity Technology
High-profile cyberattacks on UK businesses are at an all-time high. From supply chain breaches to ransomware incidents, the impact is being felt across every sector. At Intercity, we’ve reviewed insights from the National Cyber Security Centre (NCSC) and Microsoft, alongside our own observations, to deliver a concise, high-value briefing for busy professionals. Here’s what business leaders need to know and what they can do about it.
The Threat Landscape in 2025
Ransomware remains dominant.
Ransomware continues to be the biggest threat, responsible for 44% of major incidents. In 96% of cases, attackers also stole data to threaten victims with leaks. Average ransom demands now sit at £490,000, with some large organisations facing demands exceeding £50 million. Encouragingly, only 30% of victims paid, showing recovery is possible with the right preparation.
Email scams are surging.
Business Email Compromise (BEC) made up 27% of all major incidents, with phishing behind 73% of cases. In finance and insurance, BEC was the top cause of cyber incidents, accounting for 53% of all reports. This shows just how often human error remains the key entry point.
Vulnerabilities are being exploited faster.
Intrusions, unauthorised access without ransomware or phishing have risen sharply, making up 24% of incidents. In 76% of these, attackers used just ten known vulnerabilities, most preventable through regular updates. More than 40,000 new vulnerabilities were recorded in 2024, a 13% year-on-year increase Ensuring your IT environment is maintained and properly managed is imperative.
Simple weaknesses still cause major problems.
Most attacks succeed because of avoidable issues such as weak passwords, outdated software or unsecured remote access. Follow best practice is to ensure policies and controls are in place following best practice standards such as Cyber Essentials .
Future threats are emerging.
With the rise in AI tools, cyber attackers are embedding phishing links into content used to train large language models, aiming to poison outputs and redirect users to malicious sites. This tactic exploits the credibility of AI-generated responses, making phishing attempts harder to detect and more effective at scale.
Real-World Impact
From M&S and Harrods to the more recent JLR breach, cyber incidents are disrupting household names. The BBC continues to reference the 2023 collapse of KNP Group, to highlight how quickly operations can fail. Intercity spoke exclusively with former Group Director Paul Abbott before his story made headlines.
What business leaders can do
- Make cybersecurity a board-level priority. Treat it like any other major business risk.
- Strengthen identity and access. Use strong, phishing-resistant MFA for everyone.
- Invest in people. Staff awareness is the most effective defence.
- Get the basics right. Follow best practice standards such as Cyber Essentials
- Plan for recovery. Test your response so you can recover fast.
How Intercity is responding
As a trusted Microsoft Intelligent Security Association (MISA) member, Intercity helps organisations strengthen resilience through practical, people-first solutions:
- vCISO: On-demand cybersecurity leadership that aligns protection with business goals.
- Security Assessment: Secure your Microsoft tenant configurations that reduce risk.
- SOC and Managed Security: 24/7 monitoring, detection and response to stop threats before they spread.
Cyber risk is here to stay, but with the right strategy and the right partner, businesses can stay secure and move forward with confidence.
