Is Your Business at Risk of a Cyber Attack? The Biggest Threats Facing Organisations Online in 2025

According to Claims Director Steve Wright of Chartered insurance broker Russell Scanlan, the need for robust cyber insurance cover has become an absolute necessity for British businesses. Many think that having a sophisticated suite of cyber security measures in place is sufficient to futureproof the integrity of their digital operations, but according to figures released by Gov UK in April 2024, half of businesses (50%) and just under one third of charities (32%) reported some form of cyber security breach or attack in the last year.[1]

Steve recently sat down with Joe Burns, Founder and CEO of Reformed IT and certified ethical hacker, to break down the key threats facing businesses online, and why they shouldn’t think twice about investing in cyber liability insurance.

Joe said: “As businesses across the globe emerged from the pandemic, it became clear that the way we work and collaborate was permanently changed. Organisations are more online than ever, with hybrid working becoming the norm and the option to do your job fully remote increasingly offered by companies in the UK. In-person meetings have moved to Teams calls, quick catchups to Microsoft Teams DMs and filing cupboard contents to shared drives – making everything accessible at a quick click of a button, wherever you are in the world.

“The switch has come with immense benefits for employees looking for a little more flexibility in balancing personal and work commitments, but it has also brought significantly more cyber risks for businesses of all sizes.

“One of the biggest threats we currently see is session hijacking, targeting businesses using Microsoft 365. They’re breaking into these accounts easily, by sending emails which can appear to be legitimate, often asking you to click a link to an online document.

“When clicking through, a user is then asked to sign in with their Microsoft 365 login details and authenticate their account using multi-factor authentication. By performing what’s known as a man-in-the-middle attack, hackers can capture not only the username and password entered, but also the session cookie. This allows hackers to then bypass multi-factor authentication completely, essentially allowing the hacker to resume your session on another device as if they’ve always been signed in, giving them full access to your account and any data stored within it.”

For Russell Scanlan, this is something that’s become a real issue for clients and can be catastrophically damaging. Several email providers are now taking steps to allow users to restrict who can send emails from an IP address, but this doesn’t cover everyone. Further steps can be taken to enhance protection and mitigate risk.

Joe continued: “Protecting against these modern and sophisticated threats is becoming increasingly challenging, with attackers generally always one step ahead of those trying to stop them. There are, however, techniques that can help to mitigate these threats. It’s important to reduce the attack surface area wherever possible. Because we’re now in a globally connected world, your business should question whether you really need access to your emails from global devices. If your team are only based in the UK, then why do you need to grant access from the rest of the world where a lot of these threats are coming from?

“Further enhancements can be made to security by limiting access to specific known and trusted devices or locations. If you issue company laptops and mobile phones, these can be treated as trusted devices. Anything outside of these devices or connections made from within your offices should be treated as high risk.”
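
The access restrictions described above, combined with a check for a session cookie that resurfaces somewhere else, can be sketched as follows. This is an added example, not code from the article or from Reformed IT; the event fields, policy values and device names are constructed for illustration and do not follow any Microsoft 365 log schema.

```python
import ipaddress

# Constructed policy (assumptions): UK-only staff, two company devices, one office range.
ALLOWED_COUNTRIES = {"GB"}
TRUSTED_DEVICES = {"LAPTOP-0142", "PHONE-0077"}
OFFICE_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]

# Constructed sign-in events; field names are hypothetical.
EVENTS = [
    {"user": "alice", "session": "s-1001", "ip": "203.0.113.25", "country": "GB", "device": "LAPTOP-0142"},
    {"user": "bob", "session": "s-2002", "ip": "198.51.100.7", "country": "GB", "device": "PHONE-0077"},
    {"user": "bob", "session": "s-2002", "ip": "192.0.2.90", "country": "NL", "device": "unknown"},
    {"user": "carol", "session": "s-3003", "ip": "198.51.100.44", "country": "GB", "device": "unknown"},
]

def from_office(ip):
    """True when the address falls inside one of the office ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in OFFICE_NETWORKS)

def evaluate(events):
    """Return one (decision, reasons) pair per event, in input order."""
    first_seen = {}  # session id -> (device, ip) that first presented it
    results = []
    for e in events:
        reasons = []
        if e["country"] not in ALLOWED_COUNTRIES:
            reasons.append("country not allowed")
        if e["device"] not in TRUSTED_DEVICES and not from_office(e["ip"]):
            reasons.append("untrusted device and network")
        # Heuristic: the same session id arriving from a different device or
        # address is what a replayed cookie looks like. A roaming user can
        # trip it too, so the response here is to force a fresh sign-in.
        origin = first_seen.setdefault(e["session"], (e["device"], e["ip"]))
        if origin != (e["device"], e["ip"]):
            reasons.append("session reused elsewhere")
        if "country not allowed" in reasons or "session reused elsewhere" in reasons:
            decision = "block"
        elif reasons:
            decision = "high-risk"
        else:
            decision = "allow"
        results.append((decision, reasons))
    return results

if __name__ == "__main__":
    for event, (decision, reasons) in zip(EVENTS, evaluate(EVENTS)):
        print(event["user"], event["ip"], decision, "; ".join(reasons))
```
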

Ultimately, the threat of a cyber-attack can be mitigated, but never removed completely. Even the most alert and highly trained cyber security experts can fall victim to hackers in the workplace, particularly if they’re distracted or caught off guard in a high-pressure situation.

So, if an attack can’t be prevented, it’s essential that all the right steps have been taken to ensure that the impact is limited. This is where cyber liability insurance comes in.

Steve said: “You wouldn’t think twice about insuring the contents of your building, which is only ever under threat from those in close geographical proximity. Putting your business online, which can be worth millions of pounds, can be under threat from anyone, anywhere in the world.

“The costs associated with cyber-attacks can be high for multiple reasons. Firstly, if your business is hit with a ransomware attack, you may have to resort to paying a sum of money up front to regain control of your data. Secondly, the cost of responding to an attack is also high. Businesses will often need to fund legal and IT forensics teams, offer customer gestures in terms of a recompense, to mitigate permanent reputational damage, and foot the bill for business interruption costs.

“Many firms believe that their data back-ups will save them in the event of a cyber-attack or lock-out. But we’ve seen multiple organisations fail to regularly check the integrity of their data, leading to major issues when attempting to restore content.

“An insurance broker can help you identify what cover you need and why and work from there, identifying the right cyber liability insurance for your business and also highlighting emerging risks.”

Joe Burns is a cybersecurity expert boasting two decades of experience in the IT industry – a Certified Ethical Hacker and leading voice in the cyber security industry. Steve Wright is Claims Director at Nottingham-based Russell Scanlan, is NEBOSH qualified and offers extensive advice in minimising risk and managing the claims process for all clients.

Contact Russell Scanlan for a confidential chat with its independent cyber security insurance specialists today on 0115 798 0786 or email [email protected].


[1] Gov UK – Cyber Security Breaches Survey 2024
