August 12, 2025

When Ransomware Strikes: The Marks & Spencer Warning UK SMEs Can’t Ignore

Over the past few years, ransomware has become one of the most persistent and severe cybersecurity threats to organisations of all sizes. From small local operations to multinational corporations, an increasing number of businesses are falling victim to cyberattacks. Most recently, retail giant Marks & Spencer suffered a ransomware attack that halted online ordering, left shop shelves empty and cost the company hundreds of millions of pounds.

What does it mean for UK SMEs? Why is ransomware now a ‘when, not if’ threat? What can you do to survive? We explain everything you need to know about protecting your business in the article below.

Cyberattacks on the rise

Marks & Spencer’s ransomware nightmare may have gained headlines, but it’s not the only major cyberattack that organisations in the UK have experienced in the last year. The UK Government’s latest data highlights that around 19,000 businesses were hit by ransomware. This includes major, high-profile companies such as Harrods and the Co-op, as well as trusted public bodies like the British Library.

What’s behind this increase? With the rise of AI-powered attack tools, it has become much easier for hackers to perform sophisticated cybercrimes.

Why ransomware is a threat to every business

According to the Cyber Security Breaches Survey, half of businesses and a third of charities experienced some form of cybersecurity attack in 2024. The data shows that this number is even higher for medium-sized firms (70%). Yet, despite what the research clearly indicates, a misconception persists that small and medium-sized enterprises are too insignificant to draw the attention of criminals. That couldn’t be further from the truth.

Quite often, cybercriminals specifically target smaller organisations precisely because they lack proper security practices. Moreover, the estimated percentage of businesses that experienced some form of ransomware incident doubled in 2024.

This upward trend signals that cyberattacks are not only a growing concern today, but will pose even greater threats in the years ahead.

And mark our words: if you think your business is not on the radar of cybercriminals, or is not a target or of interest to them, think again!

How to protect your business from cyberattacks

Provide staff training

Did you know that employees’ actions are among the most common causes of security breaches? Some studies even indicate that 52% of security breaches are caused by human error. That’s why one of the first steps in protecting your business is providing your staff with security awareness training. Beyond basic phishing simulations, ensure that you teach your employees about vishing (voice phishing) and smishing (SMS phishing), and reinforce safe browsing habits.

If part of your organisation works remotely, it’s even more critical to remind them of basic cybersecurity hygiene. Instruct your team never to leave their devices unattended or connect to unknown Wi-Fi networks, and to always use strong and secure passwords.

Use MDR/XDR

While training your employees is essential, it won’t be effective if the rest of your business lacks protection. The best way to enhance your security posture is to leverage MDR (Managed Detection and Response) or XDR (Extended Detection and Response). These solutions combine advanced tools with expert human analysis, which helps not only with detecting threats but also investigating and responding to them.

To put it simply, MDR or XDR provide advanced security capabilities, backed by a Security Operations Centre that actively monitors, responds to and remediates threats, in a way that is affordable and manageable for SMEs.

Regularly back up your data

Your data is one of your organisation’s most valuable assets. To keep your business operations safe, routinely back up all your databases, files, and system images. Ideally, implement a multifaceted backup strategy to ensure that if one method is compromised, others remain intact.

However, data backup shouldn’t be treated as a one-time task. Your team should regularly test and update the backups to ensure that everything is functioning as it should and that data can actually be restored.

Implement network segmentation

Did you know that almost all ransomware attacks occur through the network? That’s why another important step in protecting your organisation is micro-segmenting your devices and users.

The idea is simple – divide your network into smaller zones, so that if a hacker gains access to one part, they can’t easily move to others (lateral movement – the techniques attackers use to navigate through a network after gaining initial access, aiming to reach valuable data or systems).

It’s also vital to configure your access controls and restrict authorisation levels for each user to only what’s necessary to perform their duties.

It may also be a good idea to use a security information and event management (SIEM) system, which supports continuous monitoring of activity across your network.

Develop an incident response plan

As we’ve already discussed before, the consequences of a ransomware attack can be devastating, especially if your organisation is not prepared for it. If the worst does happen, having an effective incident response plan will help contain the attack and minimise the damage. So, if your business still doesn’t have one, make sure to create a plan that includes the necessary tools and procedures to detect ransomware, analyse the damage, and execute recovery processes.

Recap: 5 steps you can take today

  1. Audit your defences. Check your backups, network segmentation, MFA, and logging to ensure your core protections are in place.
  2. Deploy MDR/XDR with a trusted partner. Work with a reliable MSP to implement MDR or XDR and test your detection and response capabilities regularly.
  3. Schedule staff training every quarter.
  4. Build and test an incident response plan. Create a plan that includes recovery steps, ransom decision points, and breach notification procedures. Don’t forget to rehearse it!
  5. Align with your MSP, insurer, and the NCSC. Coordinate with your providers to meet insurance requirements and report serious incidents via CTAS or the NCSC.

Final thoughts

Today it’s clearer than ever – ransomware isn’t a distant threat. It’s a matter of when, not if. And when that happens, the cost of being unprepared can be devastating. In fact, even for smaller businesses, a single incident can cause damage ranging from £10,000 to £50,000, which is often enough to threaten their long-term survival. Also don’t forget how damaging this can be to your business’s reputation.

Thankfully, there are ways you can protect your business, and that starts with choosing a trusted managed services provider. Contact Ingenious today to find out how our tailored MDR/XDR solutions can help secure your business before the worst happens.