SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Uk city skyline storm cloud binary padlocks cyberattack scene
#
Data Protection
#
DR
#
Ransomware

UK cyberattacks surge 129%, fuelling risk & losses

Wed, 28th Jan 2026
Author image
By Shannon Williams, News Editor

Significant cyberattacks in the UK rose 129% over the past year, with the National Cyber Security Centre handling around four major incidents a week, according to insurance broker Everywhen.

The firm said the rise in large incidents has increased the financial and operational risks facing businesses, including firms that sit in the supply chain of an affected organisation. It said outages and data theft now feature more often in corporate risk assessments and insurance buying decisions.

Neil D'Mello, Client Director (South Division) at Everywhen, said cyber events now cut across public services, large enterprises and smaller organisations.

"Cyber risk affects every level of society, from governments protecting essential services and businesses navigating fluctuating markets and supply chain delays, through to organisations fighting to keep their operations running. These high stakes were evident in recent large-scale cyberattacks, which had major consequences," said Neil D'Mello, Client Director (South Division), Everywhen.

Retail fallout

Everywhen pointed to recent examples where cyber incidents triggered market and legal consequences. It cited an attack on Marks & Spencer in 2025. The firm said the retailer's market capitalisation fell by around GBP £1 billion. It also said customer data was allegedly stolen.

Everywhen said the incident led to collective legal action as individuals sought compensation for compromised data. The case has added to the volume of UK claims activity linked to cyber incidents and data protection concerns.

The company also referenced the effect of a cyber event on Jaguar Land Rover. It said the carmaker reported a GBP £485 million pre-tax loss for the quarter, compared with a GBP £398 million profit a year earlier. It said the company shut down networks and halted highly automated production lines for weeks.

Everywhen said public reporting described the incident as the costliest cyberattack in UK history. It also cited estimates of a GBP £1.9 billion economic impact and significant supply chain disruption.

Supply chain risk

D'Mello said the spillover effects have become a central issue for smaller firms that trade with larger organisations. He said disruption can spread quickly when a large business takes systems offline, even if suppliers and contractors do not suffer direct compromise.

"One of the biggest issues to come out of these attacks is how supply chains, particularly for SMEs, were impacted. When something on this scale occurs, having the right advice and protection in place is key to preventing and mitigating losses.

"These types of cyber outages can break a business, even when they're not the initial target. Cyber policies that include legal defence, PR and interruption cover aren't optional, they are an essential part of a forward thinking and grounded defence strategy," said D'Mello.

The comments come as cyber insurance remains a developing market in the UK. Insurers have tightened underwriting in recent years and have asked more questions about patching, back-ups, identity controls and incident response plans. Brokers have also reported more interest in policy extensions that address the cost of forensic investigations, specialist legal advice, communications work and business interruption.

Policy response

The government has also set out new work on cyber resilience across public services. Everywhen said a dedicated Cyber Action Plan has been announced. It said the government has committed GBP £210 million to strengthen public services against cyber threats.

Everywhen said the plan raises expectations for organisations connected to government services. It also questioned how far new standards and accountability requirements will influence private sector practices, particularly in smaller firms with limited in-house security resources.

The broker said SMEs should consider insurance arrangements that include access to threat alerts, guidance and security tools alongside financial cover. It said firms need to evaluate exposure to legal defence costs, public relations spending, loss or damage claims and interruption losses.

Industry analysts have noted that the impact of cyber incidents now extends beyond immediate remediation. Firms can face longer-term issues such as customer churn, regulatory scrutiny, contractual disputes and higher borrowing and insurance costs. Public market moves after major incidents have also put pressure on boards to demonstrate readiness.

Everywhen said businesses should assess how a large-scale incident could affect future trading. It said that includes scenarios where a company suffers disruption through third-party technology providers or supply chain partners rather than an attack directed at the company itself.

Related stories
Flare sees rapid MSSP uptake of external threat intel
Palo Alto revamps NextWave to reward AI security platforms
Chainguard hits 500m container manifests with AI boost
DigiCert sees record UltraDNS DDoS surge in December 2025
Arctic Wolf named Chubb’s preferred MDR cyber partner

Top stories

Siemens unveils virtualised substation protection platform
Cayosoft, XMS to bolster US War Department identity
Sygnia uncovers global law firm recovery scam network
Guardsquare buys Verimatrix XTD to boost mobile security
Acronis extends Manchester City data protection deal