UK Businesses More Exposed to Major Cyber Incidents Than Any Other Country

61% of UK organisations have created defined runbooks, roles, and processes for incident responses, which is ahead of the global average of 41%.

93% of UK businesses have experienced a business-critical cyber incident.

UK organisations are 11% less likely to have tested their recovery plans within the last month compared to other countries.

65% of UK organisations have an inventory of business-critical systems and dependencies, which is ahead of the global average of 50%.

Only 36% of UK organisations strongly believe that they should prioritise the minimum viability approach.

52% of UK organisations stated that the biggest challenge to achieving Minimum Viability Company (MVC) status is the complexity of existing systems and applications.

Almost a third (30%) of UK organisations cited difficulties separating 'core' systems from less business-critical, 'broader' operations as another primary barrier to achieving Minimum Viability Company (MVC) status.

47% of UK organisations cited the struggle to keep recovery plans in line with changing business needs as the biggest challenge to achieving Minimum Viability Company (MVC) status.

57% of business-critical incidents in the UK occurred in the past 18 months.

Only 7% of the UK businesses surveyed reported never having experienced a "business-critical" incident, which is less than the 14% reported for the rest of the world.

UK organisations are 21% less likely to have a dedicated environment in which to recover compared to other countries.