Cybersecurity: A Foundation IT Perspective for UK Business Leaders

Cyber threats are no longer just an IT issue, they are a boardroom priority. For UK-based mid-sized enterprises, the stakes have never been higher. The latest insights from OpenText, Kaseya, Gartner, coupled with Foundation IT’s experience reveal a clear message: cybersecurity is now a business survival issue.

Here are five key considerations:

#1. Supply Chain: Your Hidden Weak Spot

OpenText’s 2024 Threat Report shows that 62% of ransomware attacks now originate from software supply chain partners. Even if your internal systems are secure, a single weak vendor can expose your entire operation.

Foundation IT’s Managing Director, Andrew Sellers, puts it bluntly: “We are not talking about evolution and a gradual impact, but an organisation having the mindset to find and implement radical new ways of using technology which is being developed at pace.”

Action: Audit your third-party vendors to ensure they meet your cybersecurity standards.

#2. Your People: Risk and Resilience

Kaseya’s 2024 Security Survey found that 89% of IT professionals cite human error as their top cybersecurity challenge. In hybrid work environments, this risk is amplified.

James Grove, Head of IT at Chelsea FC, warns: “Unless companies simulate real crises, senior management might not fully realise the full enormity of the threat, and their commitment; their sponsorship is essential.”

Action: Invest in scenario-based cybersecurity training. Make it engaging, relevant, and mandatory.

#3. AI: A Double-Edged Sword

AI is transforming cybersecurity—for better and worse. Attackers use it to craft realistic phishing attacks, while defenders use it to detect threats faster. Gartner’s 2025 trends highlight the need to manage machine identities and secure AI tools.

John Stenton of JMS Horizon notes: “Artificial intelligence will make it more complex to differentiate between what is real and what is faked... regulation should be in place so that every business has at least Cyber Essentials.”

Action: Use AI-powered threat detection tools, but combine them with human oversight and strong identity governance.

#4. Ransomware: Prepare, Don’t Pay

Only 11% of businesses paid ransomware demands in 2024, thanks to better backup and recovery strategies. This shift is critical in breaking the cycle of cyber extortion.

Foundation IT emphasises the need for resilient infrastructure. Andy Sellers states: “To be able to react with immediacy requires systems, processes and core infrastructure in place.”

Action: Review your disaster recovery plan. Ensure backups are frequent, secure, and tested regularly.

#5. Cybersecurity: A Leadership Priority

Cybersecurity is no longer just an IT concern—it’s a business continuity issue. Gartner recommends outcome-driven metrics to align security with business goals.

Andy Sellers adds: “In the not too distant future, it isn’t going to be a question of adopting or you fall behind. It will be adopt or you’re out.”

Action: Make cybersecurity a standing agenda item in leadership meetings. Align your security investments with your business strategy.

Final Thought

Cybersecurity is not about fear, it’s about foresight. With the right mindset, tools, and leadership, UK businesses can turn cybersecurity from a vulnerability into a competitive advantage.

Sources

• OpenText 2024 Threat Hunter Perspective

• Kaseya 2024 Security Survey

• Gartner Cybersecurity Trends 2024 & 2025

• The Digital Imperative – Foundation IT