UK cybersecurity professionals are prioritizing AI-powered threats as their top concern, with 43% identifying such attacks as their single biggest risk over the next 12 months, according to new research from ManageEngine. The survey of 1,500 IT and business decision-makers across the UK, Spain, Germany, Italy, and the Netherlands found that 41% of UK respondents plan to focus spending on tackling AI and advanced threats over the next 12 to 24 months. This shift represents a notable departure from traditional threat priorities like ransomware, phishing, and data breaches.
The heightened concern comes as UK businesses face a particularly challenging threat environment. The research found that 77% of UK organizations suffered a cyber incident in the past year, 11 percentage points higher than other European nations surveyed. Germany and Spain also identified AI-powered attacks as their top predicted risk, with investment priorities aligned accordingly across all five countries.
Operational challenges compound the threat landscape. Nearly half (46%) of UK respondents cited a skills gap driven by rapidly evolving threats as their primary operational challenge, more than nine percentage points higher than other European nations surveyed. Team fatigue and burnout affected 29% of UK respondents, the highest rate in Europe and well above the European average of 21%. Insufficient management support was also cited by 29% of UK respondents.
Despite strong detection capabilities, recovery remains problematic. While 94% of incidents are identified within 24 hours, over a quarter of organizations take more than 10 days to recover, with some exceeding 20 days. This gap between detection and recovery underscores persistent resilience challenges. Additionally, board involvement remains largely reactive, with one in five organizations reporting limited or no executive engagement, and only a third describing leadership as consistently proactive.
UK organizations are responding with increased investment in resilience measures. The country reported the highest levels of formal review processes, backup strategies, and resilience framework adoption of any surveyed nation, with 67.9% implementing a formal resilience methodology. However, post-incident responses reveal room for improvement: 13% of organizations make no strategic changes after incidents, and only 37% pursue long-term improvements. VimalRaj Sampathkumar, technical head for UKI at ManageEngine, emphasized that the focus must now shift to turning investment into operational readiness through better visibility, stronger skills, and more integrated resilience strategies.
Source: https://www.infosecurity-magazine.com/news/uk-firms-prioritize-ai-threat/