Business & Technology
The state of cyber resilience amongst UK organisations
Compared to a year ago, cyber resilience in the UK is improving. Security leaders are reporting signs of stronger visibility, broader controls and a better understanding of cyber risk in general.
However, when resilience is tested in a live scenario, confidence drops.
Clearly, there’s a growing gap between perceived improvement and operational confidence. In Gamma Communications’ UK Cyber Resilience Benchmark Report, 81% of organisations have seen an improvement in their cyber resilience. Yet less than one in four of these organisations are confident in their security approach would hold during a major security incident.
It’s a disconnect that matters. Attackers won’t put resilience to the test through theory or speculation. They’ll strike in the quiet hours of the morning, targeting disjointed systems managed by stressed teams and overburdened suppliers.
For security leaders, they need to ask whether their organisation can execute under pressure. Once, the conversation revolved around investment in security tools. But now, it’s whether these teams, partners and the tools available can work as they should in a real-world scenario.
Why coordination matters more than controls
When resilience fails, it tends to be down to breakdowns in coordination. It’s rarely about technological gaps nowadays.
Security teams are tasked with interpreting alerts and assessing impact during a live incident. They need to make decisions quickly, while often having to navigate complex hybrid estates.
Confidence disappears if visibility is fragmented or there’s no clear process around ownership and escalation paths. Even if the technology underneath is strong, it’ll be hard to recover.
That’s why organisations need to pressure‑test how incidents are handled. It shouldn’t just be a quick-fire assessment around threat detection. Instead, ask those necessary questions like:
- Who’s leading the response at each stage of an incident?
- How quickly can teams see what is happening across both internal and external systems?
- When a decision must be made, how effectively do internal teams and partners coordinate?
The ability for people, processes and platforms to come together in the event of an incident is what defines resilience.
How hybrid security is changing the risk equation
48% of organisations now operate hybrid security models, combining internal teams with managed services, cloud platforms and specialist providers. It reflects how cyber defence has become too complex to rely on just a single team or capability.
But sharing responsibility across multiple parties can cause confusion around leadership and accountability. Hybrid security models demand clarity by design.
A clear definition around roles, responsibilities and escalation paths makes a difference. If they’re in place, organisations are better equipped to deal with an incident when it occurs.
Leadership teams require a consistent, unified view of activity across the environment. Without shared visibility, these flexible hybrid models will add operational risk.
The weak points: Human behaviour and supplier risk
Even with technological advances, the human element poses the biggest risk to operations.
Phishing, identity compromise and supply chain exposure are all persistent challenges. Think of a convincing-looking email from a ‘colleague’, or how a trusted third party becomes a compromised access route. It rarely begins with a technical failure.
A growing digital ecosystem means more potential entry points. Improving resilience requires the need to treat identity and behaviour as frontline controls. That means:
- Monitoring how users and suppliers interact with systems.
- Reducing unnecessary access requests and standing privileges.
- Ensuring third‑party access is governed, visible and continuously reviewed.
While technology enables resilience, behaviour determines how attacks are carried out.
How complexity quietly undermines incident response
50% of organisations believe their security stacks, although complex, remain effective. Once an incident occurs, these stacks are put to the test.
Steady technological investment has created a large, often overlapping collection of systems. Each one is individually valuable, but together, they’re difficult to manage. When a fast‑moving incident occurs, all this complexity creates noise, delays necessary investigations and increases the load on responders.
Resilience increasingly depends on simplification and integration. In practice, fewer, well integrated tools make it easier for teams to share context and respond effectively during these incidents.
Right now, security leaders must ask if their architecture allows teams to respond quickly or delay action.
AI’s role in accelerating attackers and delaying defenders
Most organisations will expect AI‑enabled attacks to shape the threat landscape of the future. Many are already seeing early signals through phishing and reconnaissance.
But while attackers are operationalising AI quickly, defensive adoption remains steadily cautious. Deployment within day-to-day decision-making is still limited.
Only 15% of organisations are actively using AI in their security operations. A further 16% haven’t even considered AI usage, creating a short‑term imbalance where speed and scale outpace caution.
AI isn’t a standalone capability. To support resilience, it must operate within clear guardrails that’s embedded into existing workflows, tooling and response processes. Human oversight is retained at key decision points.
Organisations that benefit most from AI will be those that apply it with intent. These systems are governed, tested, and integrated with purpose. They influence how incidents are detected, investigated and resolved, rather than being experimented with in isolation.
It’s time to close the resilience gap
When taken together, cyber resilience isn’t defined by individual controls or technologies.
Now, it’s down to readiness. It’s that ability to respond quickly, coordinate effectively and maintain clarity under pressure.
Closing the resilience gap requires an integral shift in focus. It’s time for organisations to move:
- From adding tools to improving how they work together.
- From theoretical capability to tested response.
- From technology alone to people, processes and partners.
The threat landscape is now dominated by automation, complexity and speed. Only those organisations that are the most operationally prepared can respond with that much-needed confidence.
Learn how to create a more secure, resilient communications ecosystem by reaching out to Gamma Communications today.
The popular shopping centre in Oxford’s Queen Street already has an exciting mix of shops on offer, from first-class dining options to familiar high street favourites and world-renowned brands.
Now, the Westgate has welcomed the latest addition to its retail offering, as David Clulow opticians opened on Friday, June 26.
READ MORE: All train lines closed out of Oxford for works from tonight
The eye health specialist store showcases the brand’s modernised retail format, with state-of-the-art testing rooms and improved accessibility.
It’s broad product range also includes designer frames from the likes of Chanel, Prada and Ray-Ban.
The store is the latest edition to David Clulow’s store collection which is hosted in nearly 30 cities and shopping centres across the UK.
The introduction of the new shop is the latest in a long line of recent Westgate comings and goings in recent months.
Shoe chain Russell & Bromley has departed its ground-floor store, leaving the unit empty, after the brand fell into administration.
READ MORE: Abingdon police seek to identify man who ‘frequents’ park
Similarly, Claire’s has also closed at the Westgate after the beauty and accessory brand also collapsed into administration.
Last month, the new Lego store opened on the ground floor of the centre, welcoming queues of shoppers at its grand opening event.
Oliver Bonas also recently moved from its home on the ground floor to a much larger unit on the middle floor, near the Queen Street and Bonn Square entrance.
The scheme, designed to support attendance at Armed Forces Day events, will be in effect across the UK on June 27 and June 28.
It applies to all Stagecoach services except those operated by Megabus, Transport for London and the Bee Network.
To access free travel, serving military should wear uniform or present a valid military ID card, and veterans should present a veteran’s badge or military medal.
Martin Gibbon, managing director of Stagecoach West, said: “Our Armed Forces have given so much to protect our country, and offering free travel over this weekend is just a small gesture of our immense gratitude.
“We want to make it as easy as possible for our service people, past and present, to attend local events and celebrate with their communities.”
Stagecoach’s ongoing support for the military community includes similar free travel schemes on Remembrance Day and Remembrance Sunday.
The company’s Veterans Network also offers a platform for veterans and service families within the business to connect and shape a more supportive workplace.
Stagecoach was awarded the Armed Forces Covenant Gold Award in 2024 in recognition of its commitment to supporting the military community.
Mr Gibbon said: “Through our Veterans Network, we are dedicated to ensuring Stagecoach remains a deeply supportive environment for the military community, both as passengers and as valued colleagues.”
Stagecoach has backed the Armed Forces Covenant since 2015.
Banbury-based Prodrive has joined forces with the British Motorsports Marshals Club (BMMC) in a new three-year partnership to back the more than 3,000 marshals represented by the BMMC.
Easily recognised by their trademark orange overalls, marshals play a critical role in the safe operation of racing events across circuits, rally stages, and hill climbs throughout the UK.
David Richards, chairman of Prodrive, said: “Motorsport simply wouldn’t happen without marshals.
“They are the backbone of our sport, giving their time, commitment and passion to ensure events run safely and successfully.”
The partnership will focus on raising awareness of the marshals’ work using the idea of ‘British Racing Orange’ and aims to strengthen the connection between the sport and its volunteer workforce.
It will also support the BMMC’s efforts to recruit, train, and equip new and existing marshals.
Chris Hobson, chair of the BMMC, said: “Marshals are one of the most visible and vital parts of motorsport.
“Our partnership with Prodrive will help us continue training and equipping marshals, helping them stay safe every time they are trackside.
“By working together, we can inspire more people to discover marshalling and join the BMMC.”
While Prodrive’s factory programmes compete globally across disciplines including endurance racing, rally-raid and beyond, the company remains deeply connected to the UK motorsport ecosystem and the marshal community that supports it.
-
Oxford News4 weeks agoJeremy Clarkson hits back with sweary response over BGT backlash
-
Student Life4 weeks agoTransgender rights protest in central Oxford following updated EHRC guidance
-
Crime & Safety4 weeks agoPhotos as 1979 Pontiac Firebird ‘bursts in flames’ at Tesco
-
Business & Technology4 weeks agoLaw firm Roythornes Solicitors opens Abingdon office
-
Business & Technology4 weeks agoFlex Health Hub officially opens at Milton Park Oxfordshire
-
Business & Technology4 weeks agoOxford firm wins major backing for fin-based tidal power
-
Oxford News4 weeks agoJeremy Clarkson reveals new Clarkson’s Farm surprise guest stars
-
UK News2 weeks agoTwo arrests and three police officers injured in protest at asylum hotel