Cyber Attacks - 93% of UK Critical Infrastructure Affected

What Happened

In a startling revelation, 93% of UK critical infrastructure (CNI) organizations reported experiencing a cyber incident in the past year. This alarming statistic comes from the latest research published in Bridewell’s Cyber Security in CNI Report 2026. The findings underscore the escalating scale and impact of cyber threats across vital sectors, including energy, finance, transport, and government.

The report indicates that cyber incidents are increasingly leading to real-world disruptions. Approximately 50% of organizations experienced IT outages or operational disruptions directly linked to these attacks, while nearly one-third reported financial losses. The most common attack vectors identified were phishing and business email compromise (BEC), with organizations facing an average of 11 attacks of this nature annually. Malware incidents also remain a significant concern, averaging eight attacks per year.

Who's Being Targeted

The report reveals that the threats are not just theoretical; they are affecting the backbone of the UK economy. Organizations across various sectors are grappling with the consequences of these attacks. The rise of AI-related cyber risks has also emerged as a significant concern, with 39% of organizations identifying it as a key issue for the first time. This shift is attributed to the increasing use of AI by threat actors to enhance their attacks, particularly in developing sophisticated phishing campaigns and malware.

As organizations adopt AI technologies to bolster their defenses, more than one-third reported utilizing AI for automating incident response and supporting threat hunting. This dual-edged sword underscores the urgent need for organizations to stay ahead of attackers who are also leveraging AI.

Tactics & Techniques

The report highlights a significant shift in the motivations driving cybersecurity investments. For the first time, regulatory requirements have surpassed cyber threats themselves as the primary motivator for improving cybersecurity measures. 35% of organizations cited regulatory compliance as their main driver, an increase from 26% the previous year. However, there are inconsistencies in the implementation of key frameworks, with less than half adopting the Cyber Assessment Framework and fewer than a third compliant with NIS2.

This gap in compliance is reflected in the confidence levels of organizations, with 39% admitting low confidence in their cybersecurity measures. The report emphasizes that while frameworks are essential, merely complying on paper does not guarantee operational resilience.

Defensive Measures

Looking ahead, the report suggests that 2026 could be a pivotal year for cybersecurity across critical infrastructure. With disruptions affecting half of the organizations and cyber attacks becoming more frequent and sophisticated, a shift from awareness to execution is necessary.

Martin Riley, CTO at Bridewell, asserts that the speed of attacks now outpaces traditional response models. Organizations that can detect attacks swiftly and respond in minutes rather than hours will be the ones that succeed. As AI continues to play a central role in both attacks and defenses, governing its use safely will be a crucial challenge for organizations moving forward.