UK Businesses ‘Sleepwalking’ into Cyber‑Attacks

UK Businesses ‘Sleepwalking’ into Cyber‑Attacks

A recently released RICS Report, Digital risks in buildings (1st edition, June 2025), warns that 27% of UK businesses suffered a cyber‑attack on their buildings in the past year, up from 16% in 2024. It goes on to highlight that 73% expect such an incident within the next two years. As buildings become smarter and more interconnected, digital threats are escalating and many organisations may be missing the warning signs.

Smart Buildings: Where Innovation Meets Vulnerability

The RICS paper stresses that buildings are no longer just physical structures, they’re complex cyber‑physical ecosystems comprising:

• Building-management systems (BMS), IoT devices, CCTV, access controls
• Connected operational technology (OT) and energy-management systems

While these systems offer efficiency and insight, they also dramatically expand the attack surface. Alarmingly, RICS notes that many still run unsupported software such as Windows 7, leaving widespread vulnerabilities.

RICS head of property practice, Paul Bagust, cautioned that firms risk “sleepwalking into cyber‑attacks” if they fail to act now.

Real‑World Cost: From Retail to Facilities

• Marks & Spencer faced a major ransomware attack in April 2025 leading to a seven-week website outage and a 20% drop in clothing sales.
• Other retailers like Harrods and Co‑op have also been targeted, showing that all sectors, especially those managing smart properties, are at risk.

Trailblaze IT: A Proactive Partner in Cyber Defence

At Trailblaze IT, we help businesses stay ahead with a two-pronged approach:

Cyber Security Review

A comprehensive assessment across critical domains, including:

• Smart-building IT, OT, IoT, endpoint, and network controls
• Software patching, access management, phishing resilience
• RAG-rated (Red-Amber-Green) scoring and tailored recommendations

This aligns closely with RICS’ advice to assess digital risks within building frameworks.

Cyber Security Packages

Customised to your needs and risk profile, our packages offer:

• 24/7 threat monitoring and detection
• Advanced endpoint protection and firewall security
• Phishing simulations with staff training
• Multi-Factor Authentication (MFA)
• Incident response and recovery support

Don’t Wait Until It’s Too Late

The RICS report emphasises that many vulnerabilities in smart buildings are avoidable and inexpensive to fix before an incident. Trailblaze IT enables this shift from reactive firefighting to proactive defence.

Tailored Cyber Resilience for Modern Buildings

With attackers exploiting AI-enhanced techniques and targeting OT and IoT systems, the threat landscape is evolving rapidly. Trailblaze IT equips your organisation to defend both digital and physical infrastructure.

Your Cyber Action Plan

1. Arrange a Cyber Security Review to map your current digital risk
2. Select a Cyber Security Package that suits your budget and infrastructure
3. Implement monitoring, controls, staff training, and incident readiness
4. Review regularly, particularly with the introduction of new technology

What to Do Next

Speak to Trailblaze IT today to book a Cyber Security Review and to help you choose a Cyber Security Package that safeguards your people, data, and buildings.