A staggering 95% of UK Critical National Infrastructure (CNI) organisations experienced a data breach in the past year, according to our latest research. The report, entitled Cyber Security in Critical National Infrastructure: 2025, also reveals that over half (54%) reported financial losses exceeding £100,000 per breach, with cyber security upgrades, systems recovery and increased operational costs contributing to the bulk of the expenses.
The findings further reinforced the growing cyber threats facing UK CNI organisations, particularly ransomware, phishing and unauthorised access, which continue to plague them as the top three most frequent types of attack. In addition, one-third of organisations targeted by ransomware admitted to paying the ransom, a practice which has been hotly debated in recent months.
Other significant findings from the report, conducted by Censuswide on over 600 cyber security professionals in UK CNI organisations, included:
Response Times and Detection Priorities
Speed of incident response remains a key challenge, with only 22% of organisations able to respond to a ransomware attack within an hour, while 69% manage to respond within six hours. As a result, improving incident detection speed has emerged as the fastest-growing priority for UK CNI organisations over the past two years.
Cloud Services are a Prime Target and Data Protection Concerns Loom
Cloud services have become the most targeted attack vector across IT and OT environments in UK CNI sectors, according to the respondents, with web browsing and internet access cited as the second main avenue for attack amongst these organisations. Data protection remains a significant concern, with 90% of organisations expressing worries about meeting compliance requirements.
AI-driven Cyber Threats on the Rise, as is AI Adoption Itself
Artificial intelligence is reshaping the cyber threat landscape, with AI-driven phishing emerging as the top AI-powered attack vector (with 83% of respondents citing it as a top concern). Automated hacking and AI-powered botnets follow closely behind. A remarkable 95% of UK CNI organisations are integrating AI-driven tools into their operations.
Cyber Security Strategies and Maturity Concerns
Despite 90% of respondents believing they have a mature IT cyber security strategy, only a quarter are following best practices for cyber risk assessments. Confidence in Operational Technology (OT) security maturity is even lower, with just 34% describing their OT security as “very mature,” compared to 44% for IT security.
Addressing the Cyber Security Talent Gap
To address the cyber security skills shortage, UK CNI organisations are focusing on reskilling current employees, outsourcing to external partners and developing apprenticeship programmes over the next two to three years.
Supply Chain Vulnerabilities Persist
Despite the growing reliance on third-party providers, only 42% of UK CNI organisations are “very confident” in their ability to handle supply chain cyber threats, and 57% of respondents experienced a supply chain attack in the past year. The top three supply chain attacks experienced were firmware attacks, data interception and tampering, and third-party service provider breaches.