InfoSecBulletin Cybersecurity for mankind
Only 13% of organizations in the UK are resilient to cyber-attacks, while the majority are either vulnerable (48%) or at high risk (39%) of experiencing damaging cyber-incidents. This information comes from a new report by Microsoft in collaboration with the University of London.
The tech giant said that the UK’s ambition of becoming an ‘AI superpower’ is harmed by the lack of secure foundations.
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
CVE-2025-29824
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day
Hacker exploited Samsung MagicINFO 9 Server RCE flaw
CISA adds Langflow flaw to its KEV catalog
Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
UAP hosted “UAP Cyber Siege 2025”, A national level cybersecurity competition
Microsoft has called for more investment in AI technologies and solutions to address the increasing use of AI for cyber-attacks. The report defined resilient organizations as those that have implemented security-by-design across their networks. Additionally, they must be adopting AI security tools to enable them to detect and respond faster to threats.
48% of organizations are considered ‘Vulnerable.’ Defensive systems and processes are in place, but more investment and support are needed to improve resilience. Only a small number are using AI for security. ‘High Risk’ organizations are those that have little emphasis on cybersecurity and do not utilize AI in their business operations.
Cyber-attacks cost UK organizations £87bn ($111bn) each year. Stronger cybersecurity could save the UK economy £52bn ($66bn) annually. 52% of decision-makers and 60% of senior security professionals are worried about the cyber risks to their organization due to current geopolitical tensions. 70% of senior security professionals and 49% of decision-makers expressed concern about the risks that AI poses to their organization.
Only 55% of organizations are prepared for cyber threats, and only 43% have resources specifically assigned for cybersecurity events. Less than half (49%) of these leaders claimed to understand the cybersecurity skills their workforce requires, and only 56% have offered cyber-awareness training to staff.
27% of UK decision-makers do not know the cost of a successful cyber-attack to their organization, and 53% do not know how long it takes to recover from one. The report suggests that businesses using AI in their security strategy could reduce financial losses by 20% after a successful attack.
Organizations using AI in security had an average incident cost of £16,600 ($21,156), while those not using these tools had an average cost of £20,700 ($26,380). Organizations using AI in cyber defense can endure about 254 successful attacks before losing their annual revenue. Meanwhile, organizations that do not implement AI in this way can only withstand around 106 attacks.
Only 21% of organizations use AI to detect cyber vulnerabilities. Additionally, only 27% employ AI to strengthen their cyber defenses. The report highlighted that AI can help UK organizations gain an advantage over cybercriminals.
Dr. Chris Brauer, the Director of Innovation at Goldsmiths, University of London, stated that the UK has great potential to be a global leader in the field of AI. This presents a unique opportunity to boost our economy and improve public services. However, it is important that we prioritize building a safe and secure foundation for this future.
“To become an AI superpower, the UK must maintain its position as a cybersecurity superpower. With so many organisations shown to be vulnerable to cybercrime, our research surfaces both the urgency of the issue, and useful actions that leaders can take to boost the country’s cyber resilience.”
