2025 has been marked by a score of high-profile cyber incidents. A supplier breach saw operations at retail giant M&S grind to a halt, with customer data stolen and an estimated £300m in losses.

Meanwhile, a Jaguar Land Rover incident that left production lines sitting idle for weeks is now reportedly the most economically damaging cyber event in UK history due to its impact on the business’s supply chain. Over 5,000 businesses were affected, and a full recovery is not expected until January 2026.

Black Friday presents a heightened risk of attack for organisations, as threat actors take advantage of the discount period to target consumers and businesses alike. In November 2024, UK organisations made 3,058 fraud and cybercrime reports to Action Fraud, and the reported financial losses from these incidents totalled £30.2 million.

This Black Friday, it’s time to favour strategy over reactivity. In this blog, we explore the soaring cost of cyber incidents, how the impact often goes far beyond the affected business, and what organisations can do to stay secure.

The Cost of Cyber Incidents

Data from Action Fraud paints a telling picture: between 1 November 2024 and 31 October 2025, organisations reported £957.3 million in losses to fraud and cybercrime, as a result of nearly 40,000 incidents.

In total, incidents impacting organisations made up 10% of total fraud and cybercrime reports in the UK over this period, but 29% of total financial losses; business financial loss reached £957.3 million, of a total £3.5 billion in losses.

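| Month | No. of reports | Reported financial losses |
|---|---|---|
| Nov-24 | 3,058 | £30.2m |
| Dec-24 | 2,515 | £26.8m |
| Jan-25 | 3,628 | £25.8m |
| Feb-25 | 2,389 | £22.2m |
| Mar-25 | 2,915 | £28.4m |
| Apr-25 | 3,202 | £88.8m |
| May-25 | 3,016 | £41.8m |
| Jun-25 | 4,782 | £130.1m |
| Jul-25 | 3,588 | £53m |
| Aug-25 | 3,329 | £397.7m |
| Sep-25 | 3,020 | £70.2m |
| Oct-25 | 4,421 | £42.3m |
| Total | 39,863 | £957.3m |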

Reported financial losses spiked in April 2025, June 2025, and August 2025, with organisations reporting 3,202, 4,782 and 3,329 incidents and £88.8 million, £130.1 million and £397.7 million in financial losses respectively. It’s likely that these reports align with high-profile cyber incidents, such as the M&S breach in April, a renewed exploitation of the MOVEit vulnerability in June which impacted Transport for London, and the Jaguar Land Rover incident in August.

In November 2023, the average reported financial loss per incident was £8,686 (£30.2m losses / 3,500 reports); in November 2024, this rose to £9,876 per incident (£30.4m losses / 3,058 reports). We will update this blog with the November 2025 average financial loss when the data is available.

The statistics also reveal that threat actors don’t discriminate when it comes to the organisations they target – limited companies, PLCs, charities and sole traders all experienced incidents, though limited companies and PLCs experienced cyber incidents at the highest frequency.

| Type of Business | Reported incidents (Nov 1 2024-Oct 31 2025) |
|---|---|
| Limited Company | 21.9k |
| PLC | 10.1k |
| Other | 2.6k |
| Charity | 1.1k |
| Sole Trader | 1.1k |
| Partnership | 366 |
| LLP | 353 |

Protecting Your Business this Black Friday

Organisations ranked digital resilience as a top information security challenge (41%) in our State of Information Security Report 2025, alongside ensuring third-party risk is managed and tracking compliance (also 41%) and the information security skills gap (42%). The impact of cyber incidents continues to ripple outwards, affecting operations, supply chains, customers, finances, and reputations.

So, how can organisations boost digital resilience this Black Friday – and year-round?

Employee Cybersecurity Awareness and Education

Employees are often referred to as an organisation’s first line of defence when it comes to cybersecurity. A robust cybersecurity training and awareness programme gives staff the knowledge they need to identify and report potential cyber-attacks.

A good training and awareness programme should also outline processes that must be followed in the event of an incident or breach, for example, the process staff should follow to report suspected phishing attempts.

Strong Password Hygiene

Ensuring staff use suitably complex passwords is another area in which organisations can improve security measures. Require employees to use complex passwords that:

  • Are not related to personal information
  • Are not used on any other site, including non-work sites
  • Are kept confidential
  • Do not contain your company name or product name.

Best practice suggests setting a minimum character requirement of at least 12 characters, using multi-factor authentication (MFA), and ensuring employees regularly update passwords. Additionally, using password managers can help employees generate and store passwords securely, reducing the risk of password duplication and brute force attacks.

Robust Technology and Information Security Management

Establishing and implementing strong cybersecurity practices enables your business to reduce risk and promote robust security and information management.

Consider the following:

Access Management: Effective management of users’ rights and privileges and the use of controls such as MFA on staff accounts can be critical defences against stolen credentials and unauthorised access. For example, least privilege access ensures users can only access the resources needed to do their role, limiting the impact on your organisation should an account be compromised.

Data Protection: Appropriate processes and technical controls are essential to identify, classify, and securely handle organisational data in all its forms. Tools such as information management systems or frameworks can help organisations prevent cyber criminals from accessing corporate data through email, misconfigurations, and poor security behaviours.

Secure Configuration: Focus on secure engineering solutions from the outset instead of adding them later or once an incident has occurred. This approach substantially reduces weak entry points into business networks for cybercriminals to exploit.

Patching and Software Updates: Attackers often exploit vulnerabilities in outdated software. Ensure regular installation of updates and patches for the software in your organisation and on your employee devices. Consider your “bring your own device” (BYOD) policies and controls to ensure the most robust level of security.

Stay one step ahead of the increased cyber risks this Black Friday by establishing effective and proportional controls to manage organisational data and information.

Strengthen Your Compliance Management Today

If you’re looking to start your journey to better information security, data privacy, AI governance and business resilience, we can help. Our centralised platform features the Compliance Loop: one simple solution for unified compliance.

Take a seamless, sustainable approach to information security compliance with ISO 27001, SOC 2, NIS 2, and DORA, data privacy compliance with GDPR and ISO 27701, and AI governance with ISO 42001; comply with multiple frameworks with ease. Unlock your competitive advantage today – book your demo.