Tag Archives: cyber maturity

A Decade of the UK Cyber Security Breaches Survey: Trends, Plateaus, and What Actually Changed

The UK Cyber Security Breaches Survey, viewed over time, reveals not progress but stabilisation. Breach rates remain persistently high, attack methods are largely unchanged, and improvements in governance lag behind rising exposure. The data shows a system that has normalised insecurity, where awareness has increased but action has not kept pace, resulting in a steady state of widespread, structurally embedded cyber risk.


The UK Cyber Security Breaches Survey 2025/26: Stagnation, Scale, and the Illusion of Progress

The UK Cyber Security Breaches Survey 2025/26 suggests stability, but closer analysis reveals a system stuck in place rather than improving. Breaches remain widespread, detection uneven, and incentives misaligned. What looks like progress is often an artefact of measurement. This article argues the UK has reached a cybersecurity plateau, where risk is normalised, resilience is incomplete, and meaningful change will require structural, not incremental, intervention.


The Future of Cyber Resilience Testing: Reflections on a Scheme in Transition

This blog article offers a critical yet constructive reflection on the UK’s Cyber Resilience Testing (CRT) initiative. While CRT is conceptually sound and timely, significant questions remain around cost, demand, usability, policy intent, and delivery responsibility. The article explores whether CRT is positioned to become a meaningful standard or risks being sidelined as another voluntary layer. It advocates for clearer articulation of purpose, audience targeting, and strategic alignment to unlock CRT’s full potential.
