TLDR: A recent focus on cybersecurity highlights a significant increase in cyber threats targeting businesses, particularly small and medium-sized enterprises (SMBs). Reports indicate a rise in incidents, with AI-enhanced tactics making attacks more sophisticated and harder to detect.
Recent analyses underscore a growing wave of cyber threats impacting businesses, with Small and Medium-sized Businesses (SMBs) facing increasingly complex challenges. While a specific N-able report detailing these threats was not directly accessible, broader industry insights confirm a concerning trend in cyber incidents.
Data from 2025 indicates that a substantial percentage of businesses have experienced cyber incidents. For instance, 74% of large businesses and 67% of medium businesses in the UK have encountered cyber incidents. Ransomware attacks have notably doubled, now affecting approximately 1% of all businesses, translating to around 19,000 organizations. Phishing remains a predominant threat, impacting 85% of breached businesses. These attacks, even when unsuccessful, consume significant staff time and resources.
The financial repercussions of cyber breaches can be severe, with average costs ranging from £1,600 to £8,260 depending on the severity of the incident. Cyber-facilitated fraud averages £5,900 per incident, and businesses frequently face repeat attacks, with an average of 30 incidents annually for those affected.
A critical factor in the escalating threat landscape is the increasing role of Artificial Intelligence (AI). AI-enhanced scams are making phishing attacks more sophisticated and difficult to detect. Experts predict that AI will almost certainly continue to improve the effectiveness and efficiency of cyber intrusion operations, leading to a higher frequency and intensity of cyber threats. This development is expected to create a ‘digital divide,’ where systems that keep pace with AI-enabled threats will be more resilient, while a large proportion of others will become more vulnerable.
Insufficient cybersecurity measures are likely to increase opportunities for state-linked actors and cyber criminals to misuse AI systems for offensive activities. The commercial cyber intrusion sector is also expected to incorporate AI into its offerings, and criminal use of AI is projected to rise significantly by 2027. Skilled cyber criminals are anticipated to focus on circumventing safeguards on available AI models and AI-enabled penetration testing tools to offer AI-enabled cyber tools ‘as a service.’ This will empower a wider range of actors, including novice cyber criminals, hackers for hire, and hacktivists, to conduct opportunistic information gathering and disruptive operations.
Also Read:
- Anticipating the AI Cyber Threat Landscape: Insights from Trend Micro’s 2025 Security Report
- AI Agents Revolutionize Cybersecurity: A New Era of Human-Machine Collaboration Emerges
To mitigate these escalating threats, businesses are urged to strengthen board accountability for cybersecurity, improve incident response preparedness, and implement proven frameworks like the UK Cyber Governance Code of Practice. Proactive cybersecurity management, rather than reactive measures, is crucial for minimizing impact and enhancing resilience in the face of evolving AI-driven cyber threats.
