UK SMEs must strengthen cybersecurity as geopolitical threats escalate, warns Espria

UK small and medium-sized enterprises (SMEs) are being urged to bolster their cyber defences amid a growing wave of politically motivated attacks, as global tensions and conflicts intensify the threat landscape.

The warning comes after a recent Sky News investigation revealed an increase in cyberattacks linked to the Iran conflict, with businesses across multiple sectors increasingly being targeted. Speaking at the NATO Summit this week, Prime Minister Sir Keir Starmer called on UK companies of all sizes to “take immediate steps to review and strengthen their defences.”

Clinton Groome, CEO of IT services and cybersecurity provider Espria, said the call to action may have come too late for some, warning that businesses can no longer afford to wait for official government alerts before taking proactive steps.

“As tensions spread globally, threat actors will continue to exploit digital vulnerabilities — and neutral businesses make for low-risk, high-impact targets,” Groome said. “This latest warning reinforces the urgency of the threat, but it also highlights a gap in the UK’s cyber readiness. Cybersecurity isn’t just about systems — it’s about people, too.”

Human error still the biggest risk

While companies often focus on technological upgrades, Groome emphasised the importance of addressing the human factor — frequently the weakest link in the security chain. He cited research from BT showing that 39% of UK SMEs — around 2 million businesses — have yet to arrange cybersecurity training for staff.

“Cyber awareness is still vastly under-emphasised,” he said. “Before investing in tools, organisations need to fortify their human firewall. Attackers exploit distraction, fear, and information overload to launch social engineering campaigns. Businesses must ensure their teams are prepared.”

Groome recommends company-wide awareness initiatives, including incident response drills, simulated phishing attacks, and regular reinforcement of cyber hygiene best practices. “The goal is a workforce that’s not only informed but also confident enough to report suspicious activity.”

Beyond employee awareness, Groome pointed to the importance of basic cyber hygiene — including multi-factor authentication (MFA), regular patching, and securing Internet of Things (IoT) devices. He also flagged the upcoming end of support for Windows 10 in October as a critical vulnerability, urging firms to migrate to Windows 11 without delay.

“Threat actors are opportunists,” he said. “The end of Windows 10 support will leave systems unpatched and wide open unless action is taken.”

Groome also stressed the importance of observability and integrated telemetry: the ability to monitor all parts of an organisation’s IT environment in real time.

“Cyber observability is a team sport. SMEs need to consolidate visibility across endpoints, email, cloud, and identity systems to detect early indicators of compromise, such as anomalous logins or repeated MFA requests. Siloed data can’t protect a business — integrated insight can.”

Given the complexity and cost of deploying advanced security systems, many SMEs may struggle to build these capabilities in-house. Groome recommends that businesses seek support from external experts or managed security providers.

“Layered security is essential, but it can be resource-intensive. Partnerships can help SMEs scale their protection, integrate telemetry, and deliver meaningful training,” he said.

As geopolitical instability continues to drive cyber risk across the private sector, Groome concluded with a message of urgency: “Cybersecurity is no longer a ‘nice-to-have’ — it’s a survival necessity. With the right tools, knowledge, and support, businesses can build the resilience they need to weather the current storm.”