Ricoh urges UK firms to adopt ‘assume breach’ cyber approach

Ricoh UK has provided expert analysis following the National Cyber Security Centre's (NCSC) annual review, suggesting UK organisations should re-examine their strategies in response to the evolving nature of cyber threats.

Changing tactics

Steve Timothy, Sales Director - Cyber Security at Ricoh, highlighted a shift in guidance from the NCSC, moving away from an exclusive focus on prevention towards an 'Assume Breach' approach. This change comes amid ongoing developments in the sophistication and frequency of cyberattacks, including a notable rise in incidents leveraging artificial intelligence (AI).

"Contingency planning for cyber-attacks is nothing new, but it's significant to see the UK's cyber authority highlighting this so prominently in its annual review. Recent high-profile attacks have shown that preparation and proactive protection always outweigh recovery after the fact. The government's advice is sound, having a documented process for the rapid recovery of business operations and IT systems stored in a physical format and accessible by key stakeholders is important. Testing this recovery process before an event is equally important. Nobody knows whether a plan will be truly effective unless it's tested in as real an environment as possible."

He explained that organisations now face a shifting landscape: "We're seeing a shift away from prevention messaging towards an 'Assume Breach' approach from the National Cyber Security Centre (NCSC) in the UK. This shift in mindset should focus efforts on how quickly an organisation can respond and more importantly, recover when they suffer an attack."

Regular reviews and testing

Timothy described the importance of continuous evaluation of systems and procedures. "It's also important to be constantly reviewing your protections and protocols. At Ricoh we often say the protection the customer had last year won't protect them next year. Organisations that plan ahead, regularly test their systems, and embed security into every process are far better positioned to withstand and recover from evolving threats."

Impact of AI on the threat landscape

The increasing use of AI by both attackers and defenders was also addressed by Ricoh, which outlined the challenges and opportunities presented by the technology in a new Q&A.

Ricoh noted that AI has become a critical factor: "AI is no longer a future threat; it's here now. Cybercriminals are using AI to launch dynamic, hard-to-detect attacks that adapt in real time. These attacks can learn user behaviour, mimic language patterns for convincing phishing attempts, and even create deepfake scams that trick experienced employees."

Citing the State of UK Digital Transformation 2025 report, the company pointed out vulnerabilities in the UK market: "More than half of UK organisations still lack basic cybersecurity awareness, according to the State of UK Digital Transformation 2025 report. This leaves businesses increasingly exposed at a time when threats are evolving faster than ever."

Limitations of traditional defences

With reference to defensive strategies, Ricoh explained: "While they still play an important role, traditional tools aren't designed to handle the adaptive nature of AI-driven attacks. They can't spot unfamiliar threats before they take hold, adjust in real time, or interpret subtle behavioural signs of a breach. Manual processes are also often too slow to respond effectively."

Examples of AI-enabled attacks

On the specific use of AI by cybercriminals, Ricoh stated: "Common tactics include: Learning and adapting to user behaviour; Mimicking writing styles to create believable phishing emails; Producing realistic voice or video deepfakes to impersonate senior leaders; Launching highly targeted social engineering attacks."

AI as a defensive tool

Despite the risks, Ricoh described AI as an effective tool for defence as well. "AI is becoming a powerful ally in cyber defence. Forward-thinking organisations are using it to: Monitor systems 24/7 and detect anomalies instantly; Automate detection and response workflows to reduce human error; Run simulated phishing attacks to boost employee awareness. By combining human judgement with machine precision, businesses can build far stronger defences."

Practical steps for organisations

Ricoh provided advice for organisations aiming to strengthen their cyber resilience. The company highlighted four initial steps: "Run a cybersecurity awareness audit - Identify current gaps in your team's knowledge and processes. Deploy AI-powered protection tools - Use automation to spot and stop attacks faster. Train for tomorrow's threats - Simulated attacks and interactive training can build staff confidence and speed of response. Align security across the business - Cyber security is everyone's responsibility, not just IT's."

Takeaway for business leaders

Summing up the current scene, Ricoh said: "AI has changed the cyber security game - for attackers and defenders alike. Businesses that act now can get ahead, protect their data, and create a secure foundation for future growth."