According to new research entitled Cyber Security in Critical National Infrastructure: 2025, from Bridewell, a leading UK-based cyber security services provider, one-third of UK CNI organisations targeted by ransomware admitted to paying the ransom – a practice which has been hotly debated in recent times. Furthermore, a staggering 95% of UK Critical National Infrastructure (CNI) organisations experienced a data breach in the past year. The report also revealed that over half (54%) reported financial losses exceeding £100,000 per breach, with cyber security upgrades, systems recovery and increased operational costs contributing to the bulk of the expenses.
The findings further reinforced the growing cyber threats facing UK CNI organisations, particularly ransomware, phishing and unauthorised access, which continue to plague them as the top three most frequent types of attack. Other significant findings from the report conducted by Censuswide on over 600 cyber security professionals in UK CNI organisations, included:
Response times and detection priorities
Speed of incident response remains a key challenge, with only 22% of organisations able to respond to a ransomware attack within an hour, while 69% manage to respond within six hours. As a result, improving incident detection speed has emerged as the fastest-growing priority for UK CNI organisations over the past two years.
Cloud services are a prime target and data protection concerns loom
Cloud services have become the most targeted attack vector across IT and OT environments in UK CNI sectors according to the respondents, with web browsing and internet access cited as the second main avenue for attack amongst these organisations. Data protection remains a significant concern, with 90% of organisations expressing worries about meeting compliance requirements.
AI-driven cyber threats on the rise, as is AI adoption itself
Artificial intelligence is reshaping the cyber threat landscape, with AI-driven phishing emerging as the top AI-powered attack vector (with 83% of respondents citing it as a top concern). Automated hacking and AI-powered botnets follow closely behind. A remarkable 95% of UK CNI organisations are integrating AI-driven tools into their operations.
Cyber security strategies and maturity concerns
Despite 90% of respondents believing they have a mature IT cyber security strategy, only a quarter are following best practices for cyber risk assessments. Confidence in Operational Technology (OT) security maturity is even lower, with just 34% describing their OT security as “very mature,” compared to 44% for IT security.
Addressing the cyber security talent gap
To address the cyber security skills shortage, UK CNI organisations are focusing on reskilling current employees, outsourcing to external partners and developing apprenticeship programmes over the next two to three years.
Supply chain vulnerabilities persist
Despite the growing reliance on third-party providers, only 42% of UK CNI organisations are “very confident” in their ability to handle supply chain cyber threats. And 57% of respondents experienced a supply chain attack in the past year. The top three supply chain attacks experienced were firmware attacks, data interception and tampering and third-party service provider breaches.
“As cyber threats continue to evolve, UK CNI organisations must prioritise rapid incident detection and response, as well as bolster their cyber security maturity and strengthen resilience against supply chain risks,” said Anthony Young, CEO at Bridewell. “With AI taking a bigger role in both attacks and defences, organisations must remain proactive to safeguard critical infrastructure and national security, especially in a tumultuous geo-political climate.”
The full report can be downloaded here
