Report

Ransomware continues to pose biggest cyber threat – report

in

BY Richard Summerfield

According to a new report from S-RM and FGS Global on cyber incidents, ransomware remains the biggest threat to organisations, but the widespread implementation of artificial intelligence (AI) by businesses is creating new opportunities for cyber criminals.

The report, which draws on data from over 800 incidents recording over 2025, notes that the cyber threat landscape is changing, and companies must respond accordingly.

The adoption of AI agents and automated workflows is helping to create new categories of non-human identities that can inadvertently amplify the impact of a cyber attack. Furthermore, cyber criminals are employing AI to create personalised attacks, and to identify, exploit and damage secret corporate information.

The report also notes that the number of businesses paying ransoms has increased for the first time in two years, with industrials and manufacturing companies paying more often, likely due to the operational disruption caused by these attacks.

According to the report, 24 percent of ransomware victims ended up paying out in 2025, up from 14 percent in 2024. The US continues to be at most risk of cyber attacks, with 60 percent of incidents involving US-based organisations. Asia-Pacific also recorded an increase in attacks. Over 760 organisations across the Asia-Pacific region were named on ransomware leak sites, a 59 percent increase on the previous year. The UK saw a 5 percent increase in cyber victims from 2024 to 2025.

In 2025, organisations encountered 67 different threat actors, an increase of 16 percent from the previous year. The average ransom paid was $296,000, with $1.9m the highest recorded payment cited in the report.

“We are moving into uncharted territory where the speed and sophistication of cyber attacks are out maneuvering traditional defenses,” said Jamie Smith, global managing director, cyber security at S-RM. “What once took weeks now takes days, and what took days, now takes hours. Attackers are no longer just encrypting systems; they are using AI to find the most sensitive information that could cause maximum damage to an organization and using this as leverage. The result is more targeted extortion that goes beyond generic threats of data publication. Threats are becoming specific and more personalized, designed to maximize the victim’s fear and willingness to pay.

“As more companies embed AI agents in their workflows, the risk rises exponentially,” he continued. “AI agents should be treated as untrusted identities, with least-privilege access to systems, continuous monitoring and explicit segmentation from sensitive systems or AI adoption risks creating privileged, opaque intermediaries that threat actors can manipulate for maximum harm.”

“Ransomware incidents are highly feared by Boards and leadership teams, and for good reason,” said Jenny Davey, global co-head of the crisis & issues management practice at FGS Global. “As recent high-profile attacks have shown, they can have crippling consequences on a business’s operations, financial situation and reputation – and the knock-on effects can be significant and far-reaching.

“As Boards consider the implementation of AI agents and automated workflows across their business, they must be mindful that it can be a double-edged sword: while AI can drive efficiency and performance across the business, it can also open up new attack vectors for cybercriminals to exploit and therefore present new reputational risks.

“Boards must also remain mindful of how AI is enabling cybercriminals to be more sophisticated in communications and engagement with victim organizations, and how it is driving and sharpening threats that are cyber-adjacent, such as deepfakes, synthetic media and misinformation campaigns. These can be particularly reputationally damaging if not handled swiftly and with care,” she added.

Report: Cyber Incident Insights Report 2026

UK defence sector funding hits “all-time high”, reveals new report

in ,

BY Fraser Tennant

Investments in the UK defence and national security sectors surged in 2024, with both government funding and private capital investments increasing, according to a new report by Heligan Group

In its ‘Investing in Defence 2025’ report, Heligan Group reveals that investment funding – primarily driven by venture capital for European defence, security and resilience start-ups – reached an all-time high of $5.2bn last year, nearly a fivefold increase over six years.

This boom, states the report, has been driven by geopolitical tensions and conflict, primarily the Russian war against Ukraine, which has driven greater demand for defence technology – increasing by 64 percent between 2014 and 2024.

The UK is also pursuing innovation programmes via the National Security Strategic Investment Fund and accelerators such as the Defence and Security Accelerator, with innovation centrally coordinated by the newly established UK Defence Innovation organisation.

“Public-private partnerships fundamentally reduce investment risk for private investors and provide long-term growth prospects,” said Matt Croker, a partner at Heligan Group. “PPPs also foster innovation and build the critical links and understanding between those with the need and those with the solutions.

“A new UK-European Union (EU) post-Brexit agreement also paves the way for UK-based firms’ access to the EU’s new Security Action for Europe – a €150b fund providing loans for defence projects,” he continued. “Subsequently, I believe that the long-term stability and resilience of investments in defence are improved due to a sector strongly influenced by geopolitical necessity and one that is financially backed with governmental support.”

The report also notes that alongside private equity and corporate investors. mainstream investors are playing a significant role, with a greater focus on dual-use technologies such as artificial intelligence, cyber security, autonomous systems and quantum, despite historically having shied away from such investments.

Heligan Group also recognises a tangible realignment of ethical and environmental, social and governance lines, with many seeing a momentum shift, with attitudes to defence and security investing now framed as essential for societal security and stability in the context of war in Eastern Europe.

Mr Crocker concluded: “With heightened threat levels, investors would appear to be loosening restrictions and recognising defence as a critical and necessary aspect of the overall investment landscape, as well as a potentially untapped and lucrative addition to their investment portfolios.”

Report: Investing in Defence 2025

Cyber crime costs increase – report

in

BY Richard Summerfield

An increasing number of attacks on critical infrastructure, a surge in phishing and record-breaking vulnerability disclosures are among the challenges facing companies operating today, according to a new report from critical infrastructure cyber security firm OPSWAT.

The report, OPSWAT’s inaugural Threat Landscape Report, reveals key findings from over 890,000 sandbox scans conducted over the past 12 months.

Among the key highlights within the report is the global cost of cyber crime, which is projected to reach $1.2 trillion in 2025, with downtime and lost productivity representing up to $1 trillion of that total. The report also highlighted a 127 percent rise in malware complexity and warns that traditional detection methods are falling behind, with one in 14 files initially deemed ‘safe’ by legacy systems later confirmed to be malicious. According to OPSWAT, the results underscore the need for multilayered defences and a shift away from outdated tools.

Attacks on operational technology (OT) and critical infrastructure have continued their upward trajectory in 2025. Sectors such as manufacturing, energy and utilities remain at the forefront of threat actor targeting, with financial and espionage motivations both in play. Ransomware remains one of the most prominent threats, featuring in 44 percent of all breaches across sectors and accounting for 75 percent of breaches within the system intrusion pattern. Vulnerability exploitation has also risen sharply as an initial access vector, with attackers particularly focusing on edge devices, firewalls and VPN services.

The report also made note of the surge in malware sophistication which is being driven by multi-stage execution chains and heavy obfuscation, with 7.3 percent of files missed by public OSINT feeds flagged as malicious by Filescan.io, on average 24 hours earlier. These were confirmed executions, not speculative flags, highlighting how adaptive analysis can close dangerous gaps left by static and reputation-based systems.

According to the report, malicious actors are increasingly favouring stealth over scale, concealing payloads in formats such as .NET bitmaps and steganographic images and repurposing Google services for covert command-and-control activity. Social engineering tactics are also evolving, with methods such as ‘ClickFix’ – a clipboard hijacking technique – becoming more widespread, with such attacks enjoying a bump in popularity among both criminal and nation-state actors.

Heightened regulatory scrutiny is also having an impact as it intensifies, particularly in the EU through the Network and Information Systems Security Directive 2, or NIS2, and the Cyber Resilience Act, and in North America, which is driving mandatory reporting and resilience requirements for critical infrastructure. As a result, the cyber security market itself is projected to grow at a 12.6 percent compound annual growth rate, reaching $301.9bn in 2025.

According to OPSWAT: “As critical infrastructure, government systems, and enterprise networks face growing targeting from increasingly modular and evasive malware, the findings of this report spotlight the evolving adversary playbook and the need for integrated, multilayered solutions. Cybersecurity leaders must now prioritize adaptability, shared intelligence, reassessing technology, and fast behavioral detection pipelines to protect systems from known threats, but also to keep pace with a rapidly evolving threat landscape and whatever is on the horizon.”

Report: 2025 OPSWAT Threat Landscape Report

UK healthcare M&A robust in Q1 2025, reveals new report

in

BY Fraser Tennant

Despite global economic uncertainty, M&A activity in the UK healthcare sector remained robust throughout Q1 2025 with deals continuing to flow, according to a new report by Heligan Group.

In its ‘UK Healthcare M&A Update: A Look Back at March 2025’, Heligan reveals that transaction activity across the sector remained on par with 2024 deal levels, with 59 deals completed in Q1 of 2025 – 17 in January, 17 in February and 25 in March.

Drilling down, health and social care remained the most active sector in Q1, accounting for 48 percent of total deal volume in March, driven by several lower-value transactions in the care home space.

Activity in pharma and life sciences also increased in March, representing 28 percent of deal volume, from two deals in February to seven, with oncology deals being a significant proportion of this subsector.

“Healthcare providers are increasingly adopting technologies such as remote monitoring, virtual consultations and artificial intelligence (AI)-driven triage systems to address growing patient demand and workforce challenges,” said Ramesh Jassal, a partner at Heligan Group. “These innovations are particularly focused on mental health, chronic condition management, and resource-efficient staffing, reflecting the evolving needs of modern healthcare systems.”

Key health and social care deals highlighted in the report include Eden Futures’ acquisition of Care Wish, BGF’s investment in OCL Vision, M&D Green Pharmacy Group’s acquisition of Nine Gordons Chemists stores and UK-based Pebbles Care acquiring Nurture Childcare Services.

In terms of pharmaceutical and life science deals, the majority of these were strategic acquisitions, including Swedencare’s acquisition of Summit Veterinary Pharmaceuticals and Surface Technologies’ acquisition of Accentus Medical.

However, a potential obstacle to a sustained international interest in UK healthcare assets are recent US tariffs, which are likely to introduce uncertainties that could influence future M&A activity, warranting close observation in the coming months.

“As we navigate 2025, weaker UK currency and recent US tariffs may enhance the appeal of UK healthcare assets to foreign buyers, potentially positioning the UK as a strategic gateway to the US market,” noted Mr Jassal. “However, the effectiveness of this opportunity depends on the evolving nature of US trade policies and their impact on global supply chains.”

 Report: UK Healthcare M&A Update: A Look Back at March 2025

Business confidence among UK CEO’s growing, claims new report

in

BY Fraser Tennant

Business confidence is growing among UK chief executives, despite ongoing geopolitical and macroeconomic challenges, according to a new survey report by EY-Parthenon.

The report, which evaluates chief executives’ capital allocation, investment and transformation strategies, found that 82 percent felt very or somewhat optimistic about the business landscape over the next 12 months, an increase from 67 percent in September 2024.

There is also strong confidence in their companies' performance, notes the report, with 78 percent of chief executives feeling optimistic about revenue growth, 80 percent about profitability and 77 percent about maintaining a competitive position in the next 12 months.

However, despite this optimism, chief executives are cognisant of challenges on the horizon, with 71 percent of survey respondents stating that rapid technological advancements, evolving sustainability agendas and geopolitical tensions will see a shift in compliance being a key strategic factor.

“Our latest ‘CEO Outlook’ reflects a resilient and forward-thinking mindset,” said Silvia Rindone, UK&I managing partner for strategy and transactions at EY. “However, with nearly a quarter citing cost and return on investment as key factors in shaping their digital transformation strategies, it is clear that businesses are seeking a balance between innovation and sustainable growth.”

The EY-Parthenon report also found that UK chief executives plan to undertake transformation initiatives in the next 12 months, prioritising improving customer engagement and retention (45 percent), achieving sustainability targets (43 percent), and optimising operations through digitisation and productivity enhancements (43 percent). “The coming year will be crucial for organisations to refine their transformation approach and unlock long-term value," added Ms Rindone.

Additional findings reveal that the UK remains the top destination for capital investment, with 52 percent of UK chief executives planning to invest domestically over the next year. The US, France, Germany, Canada and Switzerland were all identified as other key investment locations.

Ms Rindone concluded: “With M&A activity set to rebound in 2025, driven by strategic imperatives, digital innovation and a more favourable regulatory climate, business leaders must prioritise diligent, data-driven investment decisions to capitalise on emerging opportunities.”

Report: January 2025 EY-Parthenon CEO Outlook Survey

©2001-2026 Financier Worldwide Ltd. All rights reserved. Any statements expressed on this website are understood to be general opinions and should not be relied upon as legal, financial or any other form of professional advice. Opinions expressed do not necessarily represent the views of the authors’ current or previous employers, or clients. The publisher, authors and authors' firms are not responsible for any loss third parties may suffer in connection with information or materials presented on this website, or use of any such information or materials by any third parties.