The UK retail sector experienced a significant increase in cyberattacks targeting businesses between April and May 2025, with several major brands falling victim. These breaches have caused serious operational disruption, suspended online orders, compromised the personal data of millions of customers and caused significant financial and reputational harm.

Alarmingly, this trend shows no signs of slowing down. According to the UK government, more than four in ten businesses and three in ten charities reported having cyber breaches in the last 12 months, attacks that cost the economy an estimated £27 billion per year. This trend is being driven by a range of factors, including the historical underinvestment in cybersecurity, the rapid deployment of technologies such as AI and a persistent cybersecurity skills shortage in the labour market.

Why UK retailers are increasingly vulnerable

Historically, many organisations have treated cybersecurity as an optional investment rather than an essential one, resulting in fragmented IT systems built on outdated infrastructure. These legacy systems now serve as prime entry points for attackers. According to the UK Government Cybersecurity Breaches Survey for 2025, the proportion of businesses conducting overall risk assessments stands at 29%, in line with 2024 (31%). This points to widespread underinvestment in cybersecurity, which leaves organisations vulnerable and ill-prepared.

The rise of AI is also transforming the cyber threat landscape, enabling more advanced and cost-effective methods of attack. Social engineering tactics, where individuals are psychologically manipulated into revealing sensitive information, are becoming all the more convincing. Deepfakes now exploit AI to generate realistic fake audio and video content, while password-cracking tools are increasingly AI-enhanced. In recent attacks on UK retailers, threat actors gained access via third-party systems and were able to extract large volumes of data. Indisputably, AI is lowering the barrier to entry for cybercriminals, reducing the cost, time and skill needed to launch a successful campaign.

Compounding these risks is a growing cybersecurity skills gap. Research from the Department for Science, Innovation and Technology estimates that approximately 637,000 businesses suffer from basic cybersecurity skills gaps. This means there is a mismatch between the security expertise organisations require and the skills currently available in the workforce. A paucity of skills leaves organisations increasingly exposed to significant threats and unable to respond adequately. As digital reliance deepens and the impact of attacks becomes more severe, this talent shortfall becomes a critical vulnerability.

What businesses must do now

First, organisations must prioritise building cyber resilience. That means accepting that complete immunity from cyber threats is impossible and focusing instead on the ability to detect, contain and recover from attacks with minimal disruption. This involves conducting a thorough assessment of the current cybersecurity posture to identify vulnerabilities, continuously monitoring evolving threats, working to understand adversaries’ motivations and adapting security strategies in real time.

Next, AI can play a transformative role in strengthening defences. By augmenting human capabilities, AI can process vast datasets rapidly, supporting the early detection of threats, real-time classification of vulnerabilities and pattern recognition that would be difficult to accomplish manually. Additionally, AI-driven tools offer continuous, real-time visibility across entire networks, thereby helping to identify anomalies and gaps before they are exploited.

Finally, meaningful collaboration is essential. Businesses and government authorities must work together to provide organisations with the tools, education and support they need to improve their defences. Cross-sector cooperation can accelerate knowledge sharing, create better awareness and foster a strong collaborative response. Governments have a vital role to play, particularly in updating regulatory frameworks to enforce higher security standards.

The current wave of attacks is a wake-up call. Cybersecurity can no longer be treated as a secondary concern or isolated function; it must be a core component of business strategy. With cyber threats growing in volume and sophistication, UK businesses must act urgently – building the capabilities, culture and partnerships needed to withstand and recover from the challenges ahead.

Yuval Wollman is the president of CyberProof, a UST company
