• Swindon & Wiltshire Tech
• Tuesday May 5 2026

Firms urged to strengthen cyber defences as criminals turn to AI

Almost half of businesses suffered a cyber breach or attack in the past 12 months as criminals turn to AI to increase the speed and scale at which they can operate.

The government’s 2025/26 Cyber Security Breaches Survey shows the cyber threat to the UK remains widespread and significant, with 69 per cent of large firms suffering cyber breaches or attacks and 29 per cent of firms experiencing breaches or attacks at least once per week.

The findings follow a year of high-profile cyber incidents affecting major businesses, including M&S, Co-op and Jaguar Land Rover.

In an open letter to businesses, government ministers have warned a new generation of AI models is lowering the barrier for cyber criminals, helping them find weaknesses in software, write the code to exploit them, and carry out attacks at a speed and scale that would have been impossible even a year ago.

Cyber security minister Baroness Lloyd has written to the CEOs and chairs of over 180 of the UK’s leading businesses to encourage as many as possible to sign up to a new Cyber Resilience Pledge ahead of a formal launch later this year.

Businesses will be able to become signatories if they take three concrete actions to increase their security. This includes making cyber security a board-level responsibility, signing up to the National Cyber Security Centre’s free Early Warning service, and obtaining the government-backed Cyber Essentials certification across their supply chains.

For smaller firms, the government’s Cyber Essentials campaign is urging SMEs to “lock the door” on cyber criminals and protect themselves from common online threats.

Cyber Security Minister Liz Lloyd said: “These figures are a stark reminder of the importance of having robust cyber security measures.

“All business leaders should be gripping this issue and taking action now, especially as AI is making the threat more acute. Quite simply, firms cannot afford not to take these steps.

“Businesses are not powerless. Practical steps such as using the NCSC’s free guidance, signing up to their Early Warning service and adopting Cyber Essentials can significantly strengthen defences and help keep businesses, customers and the wider economy safe.”

The survey shows cyber threats remain a persistent risk, with approximately 612,000 businesses reporting at least one cyber breach or attack in the past 12 months.

As in previous years, phishing attacks continue to be the most common breach or attack suffered by 38 per cent of firms, highlighting the ongoing importance of staff awareness and good cyber hygiene.

The government is strengthening cyber resilience across the economy through the Cyber Security and Resilience Bill, which will boost UK cyber defences and strengthen the resilience of essential and digital services and key suppliers.

It will help protect the services people rely on every day, from energy and water to healthcare and data centres, while stronger defences throughout supply chains will reduce the risk of disruption from cyber attacks and help keep vital services running.

Image by Mikhail Nilov at Pexels