From Marks & Spencer and Harrods to Co-op, some of the UK’s biggest and best-resourced employers have found themselves at the centre of serious cyber breaches in 2024. In Co-op’s case, the CEO confirmed the personal data of 6.5 million members had been stolen. Meanwhile, Arup hit headlines after a staff member was tricked by a deepfake video call into transferring £20 million.
The threat is growing. There were 7.78 million cyber-attacks on UK businesses in 2024 alone, costing an estimated £21 billion a year.
While these attacks often make the news for the scale of their impact, many begin with a simple mistake—someone clicking a link they shouldn’t, or failing to spot a spoofed email. And with AI now enabling attackers to produce highly personalised and convincing messages, the need to upskill every employee—not just those in IT—is clear.
We spoke to Cassandra MacDonald, Dean of the School of Technology at BPP, about why cyber security training needs to become part of every organisation’s learning strategy, and how L&D leaders can get it right…
UK
United States

