UK SMEs Face Rising Cyber Threats as AI Fuels Attacks, Hiscox Report Reveals
A new report from Hiscox highlights the growing cybersecurity risks facing UK small and medium-sized enterprises (SMEs), with 59% experiencing at least one attack in the past year. Released on 1 October 2025, the Cyber Readiness Report underscores how artificial intelligence (AI) is amplifying threats, enabling cybercriminals to exploit vulnerabilities through AI-generated malware, phishing schemes, and insecure code.
Despite the risks, 65% of SMEs view AI as an opportunity rather than a threat. However, Eddie Lamb, Hiscox’s global head of cyber, warns that the financial and operational consequences of attacks including fines, lost customers, and recovery costs can push businesses to the brink. The report also notes that only 60% of ransom-paying victims fully recover their data, while 31% face additional extortion demands.
The findings reveal strong support for improved cyber incident reporting, with 71% of respondents advocating for mandatory disclosure of ransom payments. Kirsten Maley of Cowbell MGA highlights the drawbacks of underreporting, including skewed risk models, mispriced insurance, and a "shame culture" that discourages victims from seeking help. Better reporting, she argues, could lead to more accurate risk assessments, faster recovery, and stronger market resilience.
Hiscox cybersecurity rating report: https://www.rankiteo.com/company/hiscox
"id": "HIS1774233087",
"linkid": "hiscox",
"type": "Cyber Attack",
"date": "10/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'location': 'UK',
'size': 'small and medium-sized enterprises',
'type': 'SME'}],
'attack_vector': ['AI-generated malware', 'phishing schemes', 'insecure code'],
'date_publicly_disclosed': '2025-10-01',
'description': 'A new report from Hiscox highlights the growing cybersecurity '
'risks facing UK small and medium-sized enterprises (SMEs), '
'with 59% experiencing at least one attack in the past year. '
'The report underscores how artificial intelligence (AI) is '
'amplifying threats, enabling cybercriminals to exploit '
'vulnerabilities through AI-generated malware, phishing '
'schemes, and insecure code. Despite the risks, 65% of SMEs '
'view AI as an opportunity rather than a threat. The financial '
'and operational consequences of attacks include fines, lost '
'customers, and recovery costs. Only 60% of ransom-paying '
'victims fully recover their data, while 31% face additional '
'extortion demands.',
'impact': {'financial_loss': True,
'legal_liabilities': True,
'operational_impact': True,
'revenue_loss': True},
'lessons_learned': 'Better reporting of cyber incidents, including mandatory '
'disclosure of ransom payments, could lead to more '
'accurate risk assessments, faster recovery, and stronger '
'market resilience. Underreporting skews risk models and '
'misprices insurance.',
'post_incident_analysis': {'root_causes': 'AI-generated malware, phishing '
'schemes, and insecure code '
'exploited by cybercriminals.'},
'ransomware': {'data_encryption': True, 'ransom_paid': True},
'recommendations': 'Improve cyber incident reporting, including mandatory '
'disclosure of ransom payments, to enhance risk '
'assessments and market resilience.',
'references': [{'date_accessed': '2025-10-01',
'source': 'Hiscox Cyber Readiness Report'}],
'regulatory_compliance': {'fines_imposed': True},
'title': 'UK SMEs Face Rising Cyber Threats as AI Fuels Attacks',
'type': ['ransomware', 'phishing', 'malware']}