InfoSecBulletin Cybersecurity for mankind
Only 13% of organizations in the UK are resilient to cyber-attacks, while the majority are either vulnerable (48%) or at high risk (39%) of experiencing damaging cyber-incidents. This information comes from a new report by Microsoft in collaboration with the University of London.
The tech giant said that the UK’s ambition of becoming an ‘AI superpower’ is harmed by the lack of secure foundations.
F5 to acquire CalypsoAI for $180M for Advanced AI Security Capabilities
AI Pentesting Tool ‘Villager’ Merges Kali Linux with DeepSeek AI for Automated Attacks
CVE-2025-21043
Samsung Patched Critical Zero-Day Flaw Exploited in Android Attacks
Albania appoints world’s first AI minister, “Diella” to Tackle Corruption
L7 DDoS Botnet Hijacked 5.76M Devices for Large Attacks
Palo Alto Networks User-ID Credential Agent Vuln Exposes password In Cleartext
CyberVolk Ransomware Attacks CII In Japan, France, and UK
Microsoft warns of active directory and office vulnarability
(CVE-2025-10159)
Sophos Addressed Critical Auth Bypass flaw in Wireless Access Points
1.6M fitness phone call recordings exposed online
Microsoft has called for more investment in AI technologies and solutions to address the increasing use of AI for cyber-attacks. The report defined resilient organizations as those that have implemented security-by-design across their networks. Additionally, they must be adopting AI security tools to enable them to detect and respond faster to threats.
48% of organizations are considered ‘Vulnerable.’ Defensive systems and processes are in place, but more investment and support are needed to improve resilience. Only a small number are using AI for security. ‘High Risk’ organizations are those that have little emphasis on cybersecurity and do not utilize AI in their business operations.
Cyber-attacks cost UK organizations £87bn ($111bn) each year. Stronger cybersecurity could save the UK economy £52bn ($66bn) annually. 52% of decision-makers and 60% of senior security professionals are worried about the cyber risks to their organization due to current geopolitical tensions. 70% of senior security professionals and 49% of decision-makers expressed concern about the risks that AI poses to their organization.
Only 55% of organizations are prepared for cyber threats, and only 43% have resources specifically assigned for cybersecurity events. Less than half (49%) of these leaders claimed to understand the cybersecurity skills their workforce requires, and only 56% have offered cyber-awareness training to staff.
27% of UK decision-makers do not know the cost of a successful cyber-attack to their organization, and 53% do not know how long it takes to recover from one. The report suggests that businesses using AI in their security strategy could reduce financial losses by 20% after a successful attack.
Organizations using AI in security had an average incident cost of £16,600 ($21,156), while those not using these tools had an average cost of £20,700 ($26,380). Organizations using AI in cyber defense can endure about 254 successful attacks before losing their annual revenue. Meanwhile, organizations that do not implement AI in this way can only withstand around 106 attacks.
Only 21% of organizations use AI to detect cyber vulnerabilities. Additionally, only 27% employ AI to strengthen their cyber defenses. The report highlighted that AI can help UK organizations gain an advantage over cybercriminals.
Dr. Chris Brauer, the Director of Innovation at Goldsmiths, University of London, stated that the UK has great potential to be a global leader in the field of AI. This presents a unique opportunity to boost our economy and improve public services. However, it is important that we prioritize building a safe and secure foundation for this future.
“To become an AI superpower, the UK must maintain its position as a cybersecurity superpower. With so many organisations shown to be vulnerable to cybercrime, our research surfaces both the urgency of the issue, and useful actions that leaders can take to boost the country’s cyber resilience.”
