2025 IT Resilience Trends 

In 2024, GOV.UK business statistics reported a 47% increase in successful account takeovers, a 145% increase in successful ransomware and a 178% increase in successful virus, spyware or malware infiltrations between 2022 and 2024.¹

This year, in 2025, the UK Government is taking steps to strengthen national cyber defences through the Cyber Security & Resilience Bill², which states, "Our digital economy is increasingly being attacked by cyber criminals and state actors, affecting essential public services and infrastructure." UK and European regulators are enforcing deeper resilience requirements for Firms through PS21/3³ DORA⁴. 

There is an imperative to prepare for cyber threats, but planning for these failure scenarios can be challenging, especially when you can't predict the nature or timing of the failure.

There are a few things we would recommend to help if you’re not already exploring these areas, including:

• Simulating and practising recovery by exercising your scenario responses, including business, crisis management, cyber and IT; forming the muscle memory ready to perform under duress.
• Analysing your current backup, recovery and resilience schedules and component-level vulnerability risks to help understand and target areas of weakness. 
• Mapping your IT components to the business services and value chains to understand how failure in one small part of your supply chain could impact wider services and the ability to recover. 
• Development of ransomware and wiperware-specific response capabilities to help you recover when the worst happens.

Looking into the tech stack, keeping your technology resilience arsenal modern is essential. One increasing trend involves leveraging Cyber Vault technologies to help in recovery scenarios and build IT resilience. We recommend reading the recently published and Sheltered Harbour-endorsed Vault Reference Architecture from AWS, Cyber Event Recovery in Financial Services.

Enhanced protection and recovery for your crown jewels could be your best investment this year. Ultimately, resilience is moving up the investment agenda. Although ROI can be hard to justify, the fact that severe events are becoming more frequent, with governing bodies driving evolution, should prompt all organisations to take a magnifying glass to their IT Infrastructure and ensure their position. 

We are experts in Operational Resilience Learn more

¹https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2024/cyber-security-breaches-survey-2024#summary
²https://www.gov.uk/government/collections/cyber-security-and-resilience-bill
³https://www.fca.org.uk/publications/policy-statements/ps21-3-building-operational-resilience
⁴https://www.eba.europa.eu/activities/direct-supervision-and-oversight/digital-operational-resilience-act