Almost a Third of UK Businesses Hit by Remote Working-Related Cybersecurity Breaches in the Past Year

The UK Cyber Security Breaches Survey 2025 reveals that 29 % of organisations suffered a remote‑working related incident in the last twelve months, and phishing accounted for 85 % of those breaches. This mirrors a historic spike in public interest: Google Trends shows phishing‑related queries reaching record highs, with searches for “phishing link checker” up 600 % and “spear phishing” up 1,500 %. The data signals not only a technical vulnerability but also a cultural shift, as employees increasingly access cloud‑based tools outside traditional office walls.

Traditional perimeter defenses, designed for on‑premise networks, struggle against attacks that target user identities and cloud applications. As businesses accelerate migration to SaaS platforms, the attack surface expands beyond firewalls to include email, collaboration suites, and file‑sharing services. Attackers exploit legitimate credentials, rendering network‑level blocks ineffective. This identity‑centric threat model forces security leaders to rethink architecture, focusing on verification at the point of access rather than assuming a secure internal network.

Security‑as‑a‑service models such as Secure Access Service Edge (SASE) address the new reality by integrating zero‑trust principles, URL filtering, malware detection, and data loss prevention into a cloud‑delivered framework. By enforcing context‑aware policies tied to user identity, SASE limits the damage of compromised accounts and reduces reliance on legacy email gateways. For UK firms—particularly medium and large enterprises facing breach rates above 60 %—adopting SASE or comparable zero‑trust solutions is becoming a strategic imperative to safeguard remote workforces and protect sensitive data.