A new Vodafone Business study has revealed that British businesses are highly vulnerable to online fraud and cyber-attacks – with more than 10% unlikely to survive should they fall victim to a major cyber incident.
The findings also found that nearly three quarters of business leaders (71%) believed that at least one member of their staff would fall for a convincing phishing email.
89% of bosses say the highly publicised cyber-attacks on well-known brands last year have made them significantly more alert to the dangers posed by online threats, though fewer than half (45%) have ensured all staff have undergone basic cyber awareness training.
To help keep businesses protected from cyber threats, Vodafone Business offers a comprehensive range of cyber security solutions.
The study, which surveyed 1,000 senior leaders across businesses of all sizes, found that over 10% admitted their organisations would be unlikely to survive an incident like those that disrupted major UK retailers and car manufacturers last year.
The poll paints a troubling picture of inadequate crisis preparedness, poor password practices, and staff susceptibility to phishing scams – all of which leave businesses exposed to cyber-crime.
With nearly two thirds of business leaders (63%) reporting that their organisation’s risk of cyber-attack has risen over the past year, password reuse remains particularly prevalent. Employers estimate that, on average, staff use their work password for up to 11 other personal accounts, including social media and dating sites.
Surprisingly, business leaders appear to be acutely aware of the risks posed by human error. Nearly three quarters (71%) believe that at least one member of their staff would fall for a convincing phishing email. The most common reasons given were: a lack of awareness and training; staff being “too busy”; and the absence of clear protocols for verifying and flagging suspicious messages.
Just one weakness anywhere in your network, or among your suppliers, can expose your entire business, says Steve Knibbs, Director of Vodafone Business Security Enhanced (VBSE), as he takes stock of cyberattacks on business supply chains – and how to protect against them.
Despite the fact that 89% of bosses say the highly publicised cyber-attacks on well-known brands last year has made them significantly more alert to the dangers posed by online threats, fewer than half (45%) have ensured all staff have undergone basic cyber-awareness training.
The emergence of artificial intelligence (AI) and deepfake scams is also causing concern. Approximately seven in ten leaders admit that deepfake AI videos have made them more wary of video calls that claim to be from senior colleagues or their boss.
The UK Government’s announcement of a second Telecommunications Fraud Charter – set to launch later this year – marks a vital step forward in strengthening the UK’s defence against increasingly sophisticated cyber-enabled crime. This renewed commitment brings industry and government closer together to close vulnerabilities, disrupt criminal activity, and protect businesses from financial or operational harm.
By enhancing collaboration and setting clearer standards for prevention, detection and response, the new charter provides a stronger, more coordinated framework to safeguard the resilience and trust that UK businesses rely on every day.
Nick Gliddon, Business Director, VodafoneThree, said: “Some of these findings are truly alarming. The revelation that one in ten business leaders believe their company would not survive a cyber-attack highlights the scale of vulnerability facing UK firms today.
“Many steps – such as avoiding password reuse and enhancing staff training – are relatively simple to implement, and Vodafone Business is here to support organisations with practical solutions and expert guidance.
“In this context, the Government’s announcement of its second Telecommunications Fraud Charter, coupled with a new fraud strategy to be launched next year, marks a significant and timely development.
“This renewed focus from policymakers underscores the seriousness of the threat and the necessity of a united approach between industry and government to effectively tackle online fraud and cyber-crime.”
