UK Businesses More Exposed to Major Cyber Incidents Than Any Other Country, According to New Research by Commvault
UK Businesses More Exposed to Major Cyber Incidents Than Any Other Country, According to New Research by Commvault |
| [19-August-2025] |
93% of UK businesses have experienced a business-critical cyber incident, yet they are 21% less likely to have a dedicated environment in which to recover READING, England, Aug. 19, 2025 /PRNewswire/ -- New research by Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, in collaboration with research firm GigaOm, has revealed that the UK experiences a higher rate of critical cyber incidents than any other country. A cyber incident can be defined as an event or series of events that negatively affects the security of data systems or digital information within an organisation, including a security breach or ransomware attack.
Only 7% of the UK businesses surveyed report never having experienced a "business-critical" incident, compared to 14% of the rest of the world. This means that a staggering 93% of UK businesses have experienced a business-critical incident, of which 57% occurred in the past 18 months. Despite experiencing more frequent devastating incidents than the global average, UK organisations are falling behind when it comes to their readiness to react and recover from cyberattacks. According to the research, they are 21% less likely to have deployed a dedicated recovery environment, and 11% less likely to have tested their recovery plans within the last month compared to the other countries - two aspects of a recovery plan that are widely considered to be fundamental. Barriers to Being a Minimum Viability Company Survey respondents stated that the biggest challenge preventing UK businesses from achieving minimum viability is the complexity of existing systems and applications (52%), followed closely by the struggle to keep recovery plans in line with changing business needs (47%). Almost a third (30%) cited difficulties separating 'core' systems from less business-critical, 'broader' operations as another primary barrier to implementing the MVC concept. However, nearly two-thirds of UK businesses have laid some foundational steps in their efforts to be resilient against attacks, with 65% having an inventory of business-critical systems and dependencies and 61% creating defined runbooks, roles, and processes for incident responses. This is ahead of the global averages of 50% and 41%, respectively. This suggests that while UK businesses are investing time and resources into incident response preparations, that is not translating into real-world recovery readiness. Many of these cyber readiness practices are directly relevant to establishing what's needed to adopt a MVC approach. Yet only 36% of UK organisations strongly believe that they should prioritise the minimum viability approach. "With the threat landscape evolving, business recovery is now a key concern at the board level," said Richard Gadd, Senior Vice President, EMEA, Commvault. "However, this research identifies critical gaps many organisations in the UK face as they rapidly try to advance their cyber resilience strategies. Having a tested recovery plan in place and a dedicated recovery environment in the cloud can make all the difference between chaos and continuous business." "Business-scale cyberattacks are now the norm, not the exception. If complexity is killing efforts to prepare for recovery, executive leaders need to assume control and set business-level priorities, so they can keep the organisation running after an attack," said Howard Holton, Chief Operating Officer, GigaOm. Methodology About Commvault
SOURCE COMMVAULT | ||
Company Codes: NASDAQ-NMS:CVLT |
View original content to download multimedia:Building Self-Control Through Mindful Practices
Understanding The Importance Of Financial Habits
