Show Navigation
Chat now
Search
Sample pack iconSample Pack
Account
0191 27 27 327
Cybersecurity Awareness: Are You and Your Business Prepared?

Cybersecurity Awareness: Are You and Your Business Prepared?

Read Time: 5 Minutes

instantprint

16 May 2025

Cyberattacks have become an unfortunate part of working life, but for many businesses, the real threat doesn’t come from sophisticated hackers. It comes from a lack of awareness among the very people who make up their teams.

To understand the current state of cybersecurity in the UK workplace, we surveyed 1,000 employees across a range of industries. The results paint a troubling picture of overconfidence, under-preparedness, and a growing gap between responsibility and reality.

The Workplace Threat No One Wants to Own

Despite widespread media coverage of high-profile data breaches and phishing scams, many employees still don’t consider cybersecurity to be their responsibility. In fact, 60% of workers say they’ve experienced some form of cyberattack, yet only 1 in 10 believe it’s their job to help prevent one.

This disconnect is more than just a training issue—it’s a cultural one. When responsibility for cybersecurity is seen as ‘someone else’s problem’, the entire business becomes vulnerable. One careless click or reused password is often all it takes to open the door to a serious breach.

The Leadership Knowledge Gap

Unfortunately, the problem doesn’t stop with frontline employees. Managers themselves are sounding the alarm on their own lack of preparation. A staggering 85% of managers told us they need to improve their digital and cybersecurity skills, with 1 in 10 admitting they only have a basic understanding of best practices.

From recognising a phishing attempt to knowing when (and how) to escalate a concern, these are foundational skills for modern leadership. Yet many managers are left trying to guide teams without the knowledge or tools to do so confidently.

When leaders lack confidence in cybersecurity, it sets a precedent. If managers aren’t modelling secure behaviours—like using multi-factor authentication, spotting red flags in suspicious emails, or avoiding public Wi-Fi for sensitive work—how can they expect their teams to do any better?

The Human Error Factor

The uncomfortable truth is that 95% of successful cyber breaches are caused by human error. Not malicious intent. Not cutting-edge hacking tools. Just people making mistakes.

We found that 17% of employees admit they’re more likely to make cybersecurity-related mistakes on Friday afternoons—when energy dips, inboxes pile up, and judgment can slip. It’s a pattern many IT professionals know too well: a legitimate-looking email arrives at the worst possible moment, and one click later, the consequences ripple across the business.

It’s precisely because the majority of incidents stem from human behaviour that training, awareness, and habits matter so much.

Generational Gaps in Cybersecurity Training

Our survey shows that different generations have varying levels of interest in cybersecurity training. Younger employees, especially those aged 18–24, are the most eager for extra training, with 73% wanting more opportunities to protect their digital assets. Close behind are those aged 25–34, with 68% saying they'd like additional training as well.

However, interest drops among older generations. Only 45% of employees aged 45–54 and 40% of those aged 55 and older expressed interest in more cybersecurity education. This generational gap suggests that training programs should be tailored to meet the specific needs of each group. While younger employees, who are more familiar with digital technology, may already be aware of cyber risks, older employees might need more hands-on, practical training to feel confident in today’s complex digital world.

What Can Businesses Do?

The good news is that human error is preventable, and the right culture, training, and processes can make a real difference.

Start by making sure your managers are equipped. If team leaders understand what good security looks like, they’re far more likely to encourage those behaviours across their teams. This could be as simple as including cybersecurity topics in team meetings or assigning practical, role-specific e-learning modules.

Crucially, training must be regular. Cybersecurity isn’t a once-a-year exercise. Threats evolve. New scams emerge. And even the most experienced employee can fall for a well-timed phishing attempt. Keeping cybersecurity top of mind means keeping it in the conversation, especially at high-risk moments like Friday afternoons or during peak workload periods.

Cybersecurity Data Chart

At instantprint, we’ve put rigorous measures in place to build a cyber-aware culture from the inside out. As our Head of IT, Chris Dawson, explains:

“We’ve seen some highly deceptive tactics used to try and breach our systems—one of the most memorable was a USB stick sent to us, disguised as an elderly customer’s artwork. It was a clear attempt to install malicious software. Because of the measures we have in place, that device never made it into a machine. Only authorised personnel can use USB drives, and all devices are thoroughly scanned before they’re even considered for use.

On top of that, all of our office-based staff undergo monthly cybersecurity training. We know human error is the biggest risk, so we tackle it head-on—keeping everyone sharp, informed, and alert to potential threats.”

A Wake-Up Call From Government

The challenges businesses face are not going unnoticed at the highest levels. In a recent Cabinet Office statement, Pat McFadden MP, Chancellor of the Duchy of Lancaster, issued a stark warning:

“These attacks need to be a wake-up call for every business in the UK.

In a world where the cybercriminals targeting us are relentless in their pursuit of profit – with attempts being made every hour of every day – companies must treat cybersecurity as an absolute priority.

We’ve watched in real-time the disruption these attacks have caused… It serves as a powerful reminder that just as you would never leave your car or your house unlocked on your way to work, we have to treat our digital shop fronts the same way.”

With the Cyber Security and Resilience Bill on the horizon and new powers for the Technology Secretary to reinforce protections across private and public sectors, the direction is clear: security is no longer optional.

Time to Reflect

With 50% of UK businesses reporting a cybersecurity breach in the past year, the message is loud and clear: cybersecurity isn’t just an IT problem; it’s a business-wide priority. Consider this: M&S’s online store, generating nearly £4 million a day, was temporarily locked out due to a cyberattack, underscoring the financial consequences.

If you're unsure whether your business is doing enough, ask yourself:

  • Have all employees, including managers, received recent cybersecurity training?
  • Do staff feel confident identifying suspicious emails, links, or devices?
  • Are there clear processes for reporting threats or potential breaches?
  • Are secure behaviours modelled from the top down?

If the answer to any of these is "no" or "not sure," now is the time to act. When it comes to cyber threats, prevention really is better than a cure.

Craig

About the Author

Hi, I’m Craig, instantprint’s Marketing Manager. I have a passion for discovering new and innovative ways small business owners can give their marketing a boost.

Related Posts

How the GROW Model Can Help You Reach Your Business Goals

How the GROW Model Can Help You Reach Your Business Goals

What Are The 5P's of Marketing?

What Are The 5P's of Marketing?

What is Guerrilla Marketing? Definition & Inspiring Examples

What is Guerrilla Marketing? Definition & Inspiring Examples