Fix the Cyber Skills Gap: How UK Businesses Can Strengthen Defences Now

Our recent customer roundtable revealed a concerning truth: cyber attacks are not only rising in volume, but in sophistication and impact too. There is a growing disparity between the reality of threats and UK business readiness to defend against them. Incidents like the KNP Logistics ransomware attack highlight that threats are not limited to enterprises (such as the £1.9bn attack on Jaguar Land Rover). SMBs are being severely disrupted, or in some cases wiped out, by a single breach of its cyber security.

A variety of actors are targeting organisations, from nation-states to opportunistic teenagers. For UK SMBs, the challenge lies in keeping pace with these risks while managing limited time, tools, and expertise.

At Ricoh, we hear these concerns firsthand. We stay in constant dialogue with our customers across all sectors, listening to what they are experiencing and learning where support is needed most. Regular conversations and events like our recent roundtable help us proactively engage those working at the coalface, giving us a clear picture of what UK businesses are up against today.

What’s holding businesses back in cyber security?

At our customer roundtable, the businesses attending spoke openly about the pressures they are under. What they shared reflects the reality of threats in today’s cyber security landscape.

Skills and expertise gaps

Customers reported that teams are stretched, firefighting rather than proactively managing risk, and cannot recruit or retain experienced security staff. Many smaller firms lack the in-house capability to manage cyber risk effectively.

Tool overload and noise

Customers told us that adding more security tools does not always reduce risk. Instead, many described how multiple platforms generate too many alerts, causing fatigue and ultimately drowning out the signals that matter. IT teams are spending hours reviewing alerts, but are unsure which require genuine action. This drains resources and delays response time.

Human risk

Human behaviour remains a critical fault line. Customers raised concerns that phishing campaigns increasingly target senior individuals, rather than generic users. They also flagged multifactor authentication fatigue as a concern. The message was clear: technology alone is not enough. Humans remain the weakest and the strongest link.

Identity concerns and visibility

Closely associated with human risk is identity and access management. Customers at our roundtable highlighted concerns about compromised identity platforms and a lack of clear visibility into who is accessing what and when. Several said they could not confidently answer ‘who has access to this data’, ‘who had access before this incident’, or ‘when did this account last log in’. Without this visibility, detecting unauthorised access or lateral movements becomes hugely challenging.

Supply-chain pressures and customer scrutiny

Customers are aware that, for many SMBs, a breach in a partner’s system could trigger a reputational or contractual cascade. The risks facing organisations now extend beyond their own walls into their supply chains. Client audits, supplier questionnaires, and partner risk reviews are becoming more rigorous and more frequent. They are being asked to prove resilience and meet standards previously applied only to large enterprises. 

Balancing cost, risk and user experience

Customers said one of their hardest decisions is where to focus their limited budgets. Many feel caught between buying more security tools, hiring more people, or investing in neither but accepting more risk. They agreed that buying extra products each time a new threat appears is no longer a sensible or affordable approach. Instead, they want fewer, more effective layers of protection that reduce risk, integrate well with business operations, and do not frustrate users. In essence: value for money. Customers don’t want another dashboard that sits there unread. They want something people actually, consistently use, and that the board can understand at a glance.

Choosing the right cyber security partner

Ricoh brings a broad view of the UK cyber landscape, informed by the wide range of organisations we work with every day. Our cyber security partner Arctic Wolf adds deep, specialist expertise through its 24/7 security operations capability. Together, we offer customers a stronger and more practical approach to protection.

Our solution provides continuous monitoring and real-time threat detection. It delivers expert investigation and response when incidents occur. It replaces multiple tools with a single, consolidated service that cuts noise and reduces complexity. Most importantly, it gives SMBs access to skills and experience they would struggle to hire or retain in-house. 

What do customers value about our cyber security solution?

Reporting that engages leadership

Customers told us that the depth and accuracy of Arctic Wolf’s reporting gives them a clear, simple way to engage senior leaders. Weekly dashboards show the number of incidents, the true positives, and the actions taken. One customer said that sending a single screenshot to their CEO every Friday ‘blows their mind’. This clarity helps move cyber security from an IT-only concern to a regular leadership discussion.

Service and expertise during incidents

Customers said the concierge team is stellar and gives them peace of mind. When incidents do occur, the concierge team guides them through each step and manages direct communication with threat actors. This includes minimising any necessary ransom payments to restore lost data or systems. For SMBs without in-house security expertise, this level of support gives peace of mind when it matters most.

A cyber security solution with full coverage

Customers gain access to an integrated SOC service supported by identity and access visibility. They receive continuous improvement planning and practical help meeting supplier requirements and audit expectations. The service also supports reducing tool sprawl, strengthening resilience, and building a clear security journey towards recognised standards and accreditations.

Taking your next step in cyber security

Cyber threats will continue to evolve, but so can your response. Ricoh helps organisations understand where they are, define where they need to be, and navigate the journey with confidence. 

For clearer visibility and trusted expert support:

• Complete the Digital Services Maturity Indicator to identify your cyber security gaps. 
• Explore our full range of Cyber Security Services and Solutions.
• Read The State of UK Digital Transformation 2025 to learn how other businesses are doing.