One in 10 UK businesses ‘would not survive’ a major cyber attack, warns Vodafone Business

Around one in 10 UK businesses believe they would not survive a serious cyber incident, according to study by Vodafone Business.

The research, based on a survey of 1,000 senior leaders, found that over 10 per tnrt admitted their organisations would be unlikely to recover from a major attac. Nearly two-thirds said their exposure to cyber risk has increased over the past year.

The survey found basic cyber hygiene remains weak. Password reuse is rife, with leaders estimating employees use their work password for up to 11 other personal accounts, including social media and dating sites – a gift to cybercriminals.

Nearly three-quarters of leaders surveyed believe at least one employee would fall for a convincing phishing email due to poor awareness, lack of training, staff being “too busy”, and no clear protocols for spotting and reporting suspicious messages.

“Some of these findings are truly alarming,” said Nick Gliddon, Business Director at VodafoneThree. “One in ten leaders believe their company would not survive a cyber-attack. That highlights the scale of vulnerability facing UK firms today.”

While 89 per cent of bosses say last year’s high-profile cyber-attacks made them more alert to online threats, fewer than hal have given staff cyber awareness training.

Artificial intelligence is making scams harder to spot. Deepfake videos have made people more wary of video calls claiming to be from senior colleagues to trick employees into transferring money, handing over data or granting system access. As deepfake tools improve, social engineering is becoming more dangerous – and more convincing.

The findings come as the UK Government prepares to launch a second Telecommunications Fraud Charter later this year to strengthen defences against cyber-enabled crime. The charter aims to tighten standards for prevention, detection and response, and bring industry and government closer together.