Over the last couple of years, there has been a surge in cyber-attacks. Major incidents have occurred, impacting UK firms like Marks and Spencer’s (M&S), Co-op, and one of the most disruptive, JLR – Jaguar Land Rover. Even data centres were not immune to attack; they faced artificial intelligence (AI) augmented incidents involving credential stuffing, phishing and supply chain infiltrations.
They have led to major breaches with companies, such as Red Hat, Quantas and SK Telecom’s customer data being impacted – causing significant operational disruption by increasingly attacking partners like Snowflake to reach victims that are located downstream from the initial breach.
According to Google AI, emerging threats involve AI-driven social engineering, identity theft, and exploitation of partner ecosystems, emphasising the importance of basic security hygiene and partner verification. With AI, phishing has become more sophisticated and, consequently, harder to spot. Then there are state-sponsored campaigns targeting critical infrastructure, defence and crypto.
The weakest link
However, the weakest link is us as humans. Our own emotions can mean even the most intelligent, alert and knowledgeable person can fall for Authorised Push Payment (APP) scams that may also involve cryptocurrency payments. So, avoiding falling victim as an individual or an organisation doesn’t just involve technology. There is still a need for the human touch and for cyber-security training to keep everyone safe.
Thankfully, the UK has introduced new rules that require banks to reimburse innocent victims of APP scams. Since October 2024, they must comply with the new Payment Systems Regulator (PSR) rules. They aren’t a failsafe because it doesn’t cover payments to third parties, such as payments firms offering access to cryptocurrencies; exceptions for gross negligence also exist. So, with people increasingly turning to cryptocurrencies, there needs to be more work done to regulate the industry.
Industry collaboration
Even though there is more industry collaboration in place to tackle fraud and cyber-attacks, including with regulators, such as the Financial Conduct Authority (FCA), the Payment Systems Regulator (PSR), as well as with consumer and business groups, there is still more to do to combat this type of fraud: this often begins online. AI and machine learning (ML) tech can help to counter bad actors. However, there is a need – even within an organisation – to be able to report a potential incident and speak openly; this includes making it easier to access technical support.
UK Finance reports: “Authorised push payment (APP) fraud losses were £257.5 million in the first half of 2025, a 12 per cent increase on the same time last year. APP cases fell by eight per cent to 110,747.”
Data breach cost: $4.44 million in 2025
So, data breaches aren’t the only concern of which individuals and organisations need to be aware. However, they remain a significant issue, and the way to prevent them is by putting systems, processes, training, and even counselling in place. Rob Sobers, writing for Varonis, reveals the ‘Data Breach Statistics & Trends [updated 2025].’ Citing figures from IBM, he finds that “the global average cost of a data breach was $4.44 million in 2025, a slight drop from the record high of $4.88 million in 2024.” The most expensive healthcare breaches occur in Healthcare.
IBM’s research reports that healthcare data breaches cost on average “$7.42 million, a drop from $9.77 million the year before.” While it does suggest there has been a fall in the overall average of the number of data breaches, the problem remains significant – particularly as IBM says the “average cost of a mega-breach of 50 to 60 million records in 2024 is $375 million, a $43 million increase from 2023.”
He notes that Verizon says, “67% of data breaches involved external actors, while 30% involved internal actors.” The company finds that ransomware was involved in 44% of breaches, up from 32% the year prior, and that only 10% of breaches involved state-affiliated actors. The vast majority of breaches are attributed to organised cybercriminal gangs.
‘Prevention is better than a cure’
It’s therefore crucial to still follow an approach that follows the old adage of “Prevention is better than a cure.” That includes backing up customer and operational data to ensure business and service continuity whenever a successful attack occurs. Obviously, measures also have to be put in place to prevent any cyber-attacks from achieving its goal – disruption and in the case of ransomware, the payment of a significant huge ransom. Still, backing up in at least 3 disparate locations is essential, and the most sensitive data requires an air-gap.
The problem is - even in 2025 - there are very few technologies that can accelerate encrypted data over wide area networks (WANs). WAN Optimisation can’t do it – to send encrypted data, an organisation has to first of all unencrypt it – leaving it vulnerable to the people performing the task, or to bad actors while in transit; then the same keys have to be used to re-encrypt it all. As for WAN performance, there is often no significant increase in data transfer speeds and bandwidth utilisation can be found to be lacking.
SD-WANs are often seen as the answer, but they often need a boost. There are also sectors such as defence that need a performant WAN that can totally expedite and receive encrypted data. To do this with SD-WANs requires a WAN Acceleration overlay. It works by mitigating the effects of latency and packet loss, while also utilising AI and ML to permit data parallelisation, helping to improve bandwidth utilisation by 98%. More to the point, the data remains encrypted, and not even a company such as Bridgeworks and its team can see the data. Nor can any bad actor.
A better WAN tomorrow
Going forth into 2026 with WAN Acceleration, which is sometimes also called Data Acceleration, means that companies and organisations can have a better WAN tomorrow. Cyber-attacks will occur in the New Year. That’s a given. Nevertheless, for everyone it’s vital to put support systems and technologies in place to thwart the attempts of hackers and scammers to allow for a happy and prosperous year ahead. The exception is for those miscreants that want to stop us. They can be obfuscated with WAN Acceleration, and by talking to experts who can help to prevent attacks.
