According to exclusive insights provided to City A.M. by cybersecurity firm ESET, UK businesses are set to generate an estimated £27 billion in extra annual revenue from their investments in cybersecurity.
This research surfaces in the wake of a rise in cyberattacks targeting significant organizations across the nation, underlining the vital commercial and operational importance of digital security. The findings showed that 53% of UK companies report a direct boost in turnover associated with cybersecurity investments. Among these, 70% attributed winning new clientele due to strong cybersecurity credentials as a major contributor to that revenue increase. Enhanced efficiency, performance improvements, and decreased IT downtime emerged as significant secondary advantages.
Almost half of the respondents, or 44%, indicated that a solid cybersecurity framework has allowed their organization to embrace greater risks, such as venturing into new markets or incorporating innovative technologies.
The statistics come at a time when businesses are facing increased pressure to safeguard against an escalating cyber threat environment. Marks and Spencer recently revealed a cyber incident expected to cost the retailer £300 million in lost profits this year, representing about a third of its anticipated earnings. The breach compelled the company to halt online orders and is expected to disrupt operations into July. The M&S event is among several recent high-profile incidents, with others including the Co-op, Harrods, and Adidas. Cybersecurity firm EclecticIQ reported that NHS patient data was targeted in a wider healthcare-focused offensive.
ESET’s data indicated that 53% of UK businesses have already experienced at least one cyberattack, often resulting in long-term detrimental growth effects. In a different report, the firm estimated that cybercrime has cost UK companies £63 billion over the past three years.
Current data suggests a shift in business perspectives regarding cybersecurity. While risk reduction continues to be crucial, many view digital resilience as a route to growth. “The commercial benefits of strong cybersecurity are becoming increasingly hard to overlook,” stated Jake Moore, global cybersecurity adviser at ESET. “As cyber threats become more advanced, businesses understand that investing in cybersecurity is not solely about defense—it’s also about seizing opportunities.”
In line with this transition, 77% of UK firms intend to boost their cybersecurity budgets over the next year, targeting a 12% increase. Nonetheless, implementation remains a hurdle, with only 12% of businesses fully outsourcing their cybersecurity operations, even as complexity escalates and in-house expertise remains restricted. Additional data from Delinea’s 2025 Ransomware report, also shared with City A.M., reveals that 69% of firms have encountered a ransomware breach, with over a quarter facing multiple attacks. Among these incidents, 60% involved data extortion, where attackers threatened to disclose stolen information unless ransoms were paid.
Moore warned that simply investing may not be enough to keep up. “Security budgets are increasing, but that funding must be used wisely,” he stressed.
