Business
UK Businesses More Exposed to Major Cyber Incidents Than Any Other Country, According to New Research by Commvault
93% of UK businesses have experienced a business-critical cyber incident, yet they are 21% less likely to have a dedicated environment in which to recover
About this update from Commvault Systems, Inc.
[{"type":"text","content":"93% of UK businesses have experienced a business-critical cyber incident, yet they are 21% less likely to have a dedicated environment in which to recover\nREADING, England, Aug. 19, 2025 /PRNewswire/ -- New research by Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, in collaboration with research firm GigaOm, has revealed that the UK experiences a higher rate of critical cyber incidents than any other country. A cyber incident can be defined as an event or series of events that negatively affects the security of data systems or digital information within an organisation, including a security breach or ransomware attack.\n\n \n \n \n \n \n \n\n \nOnly 7% of the UK businesses surveyed report never having experienced a \"business-critical\" incident, compared to 14% of the rest of the world. This means that a staggering 93% of UK businesses have experienced a business-critical incident, of which 57% occurred in the past 18 months.\nDespite experiencing more frequent devastating incidents than the global average, UK organisations are falling behind when it comes to their readiness to react and recover from cyberattacks. According to the research, they are 21% less likely to have deployed a dedicated recovery environment, and 11% less likely to have tested their recovery plans within the last month compared to the other countries - two aspects of a recovery plan that are widely considered to be fundamental.\nBarriers to Being a Minimum Viability CompanyThe survey also highlights key findings tied to the Minimum Viability Company (MVC) concept. This concept outlines the core operations that are necessary to resume business quickly after a cyberattack. In an age where cybercriminals are increasingly sophisticated, infiltrating backups with malware, or planting dormant ransomware that activates after restoration, this approach is fundamental to operating in a state of continuous business.\nSurvey respondents stated that the biggest challenge preventing UK businesses from achieving minimum viability is the complexity of existing systems and applications (52%), followed closely by the struggle to keep recovery plans in line with changing business needs (47%).\nAlmost a third (30%) cited difficulties separating 'core' systems from less business-critical, 'broader' operations as another...