British businesses still arent bouncing back from cyberattacks heres how to tackle the problem

Date:
Thu, 26 Mar 2026 11:43:09 +0000

Description:
British businesses face lasting impacts from cyberattacksdiscover why
recovery and resilience are now essential..

FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Pro Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news
and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are now subscribed Your newsletter sign-up was successful An account already exists for this email address, please log in. Subscribe to our newsletter British retailers are still reeling from the spate of cyberattacks last summer. From JLR to M&S to the Co-op, the aftershocks of these attacks both reputational and financial, have been significant.

The breaches indicate a wider, worrying trend. 71% of UK businesses have paid a ransom in the past 12 months following a material cyberattack. And worryingly, around a quarter of organizations (25%) still pay ransoms during the negotiation stage. Large-scale brands with the most sophisticated cybersecurity tools in place are still falling victim to breaches. The speed and scale of these attacks is only set to increase as techniques like vibe coding, where ransomware code is quickly written and adapted using generative AI, become more accessible to cybercriminals. Article continues below You may like AI is breaking the prevention first mindset: Why rapid recovery now matters more than ever When confidence becomes a risk: The gap between cyber resilience readiness and reality AI powers innovation but its also powering the next wave of cyber attacks Via AI, ransomware strains can now change
their signature as they move from server to server, rewriting themselves in real time to evade detection across multiple systems. Julien Mousqueton
Social Links Navigation

Field CISO EMEA at Cohesity. A successful high-profile breach against a
single organization often triggers a surge of attacks across an entire
sector, fueling fierce competition on the dark web as cybercriminals race to outdo each other.

But what does all this mean for British businesses? Traditional tools for threat detection are no longer enough to halt cyberattacks in their tracks. Breaches are no longer an if but a when.

That means organizations need to shift away from a preventative, defensive mindset and towards a broader strategy that prioritizes response and recovery as well as prevention. Lets take a look at whats needed to make the change. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. One step at a time One issue is that existing guidance for British businesses is far too vague and doesnt provide
actionable steps or help organizations to benchmark their current level of cyber resiliency.

For example, the NCSCs Cyber Essentials checklist recommends that organizations rehearse how they would respond to a cyber breach, and practice how to rebuild following an incident.

Whilst its good initial guidance, it doesnt highlight what an effective response and recovery strategy requires: a shared responsibility model
between IT, security and the wider business. What to read next Passwords are still a problem for UK businesses - what next? The human paradox at the
center of modern cyber resilience Britain's compliance blind spot

Drills have to involve every area of the organization, where every employee understands their unique role and responsibilities in the event of a breach and the steps they need to take. Its only possible to understand operational capability by testing it. And testing becomes impossible when a business is operating in siloes.

Adding to this, getting business, IT and security in one room and securing agreement on a plan is no mean feat. Business wants agility. IT wants lower costs. Security wants immediate response. It can feel like herding sheep.
True organizational buy-in requires an overhaul of people and processes as much as technology.

And a lot of patience. Regulations such as the EUs DORA have been
instrumental in driving cyber resilience. DORA has been effective because it offers organizations specific steps for implementation, as well as a timeline to comply.

Though organizations might not have achieved compliance yet, DORA has encouraged leaders to act sooner rather than later and assess their current impact tolerance and resiliency.

Unfortunately, non-mandatory guidance - like Cyber Essentials - is always going to be seen as an optional, resulting in inconsistent adoption. Why we need greater focus on data backup and recovery As well as running cyber
drills that span every area of the business, a wider shift needs to happen across the industry.

Much of the focus is still on threat prevention rather than threat response. After high-profile breaches, we often see organizations ramp up investment into tools for threat detection and mitigation, for example, endpoint protection and network monitoring .

However, overfocusing on one type of tool has proved dangerous. Data backup
is still an afterthought, left on the backburner. As things stand, a third of UK organizations arent accurately identifying and backing up all of their sensitive information.

This failure to back up mission-critical data is why British businesses have experienced lasting impacts on their operations, such as prolonged supply chain disruption. As long as data protection and recovery remain fragmented, organizations cant hope to bounce back quickly from breaches and risk losing the trust of their customers - and boards.

The good news is that the tools are available today for organizations who are looking to build resilience but are unsure where to start. Modern data protection platforms make it easier than ever to bring security and IT under one umbrella. IT teams no longer have to juggle multiple consoles, or
question whether their recovery points are reliable.

When every component across the business is visible in one unified dashboard, organizations can restore critical systems in a matter of hours rather than days. And when it comes to regaining customer trust after a breach, every minute counts. The long and short of it Cyberattacks now touch every part of an organization, as incidents compel companies to rethink forecasts, absorb market reactions, and redirect budgets.

Investment into cybersecurity tools isnt enough to deliver resilience
anymore. True resilience is now defined by organizations' ability to keep business-critical processes up and running, during and after a breach.

Backup tools now underpin resilience, because data underpins every function in every business: from HR platforms to supply chain management to payroll . Data backup doesnt just protect information: it protects the business, its employees, and its reputation when it matters most.

Its up to business leaders to make cyber resilience a priority within their organization. Its no longer enough to rely solely on IT and security teams; every employee has a role to play in keeping the business secure and resilient. Culture shifts take time, commitment and persistence. But the payoff is undeniable. Check our list of the best IT management tools .



======================================================================
Link to news story: https://www.techradar.com/pro/british-businesses-still-arent-bouncing-back-fro m-cyberattacks-heres-how-to-tackle-the-problem


--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)