Following a year of high-profile cyber attacks across the UK, the Data Health Check returns in 2026
to provide a snapshot of the IT resilience landscape.
Based on a survey of 500 IT decision-makers, it explores the threats, barriers and priorities shaping resilience today. Explore the key findings below.
Cyber is the leading cause of downtime for the fourth year in succession and continues to drive data loss.
5 years ago, only 13% of organisations cited cyber as their biggest cause of downtime.
That figure has now more than doubled to 30%.
65% of organisations say a serious cyber attack could threaten their survival.
Once viewed primarily as an IT issue, cyber is now recognised as a critical threat to operational resilience.
The number of organisations that see AI as a greater benefit than threat continues to grow, reaching 79% in 2026.
Organisations are responding fast to both the opportunities and risks presented by AI.
85% now assess AI risk at least annually.
For the second year running, AI-driven cyber threats were identified as the biggest resilience challenge facing organisations
over the next 5 years.
With AI-driven attacks more than doubling in frequency this year, the challenge is already materialising.
1 in 4 organisations experienced a cyber incident originating from a supplier or third party, with large organisations disproportionately affected.
Business continuity planning has reached a new high. In 2026, 90% of organisations have a business continuity plan, and 81% of those are up to date.
While 3 in 4 organisations believe they are more resilient than they were 12 months ago, many still appear to approach
resilience reactively:
51% believe their organisation treats resilience as a box-ticking exercise, and 43% say resilience only becomes a focus after
something goes wrong.
Integrating IT and business resilience is the top resilience priority for organisations in 2026, followed by updating continuity plans
and improving backup processes.
AI-driven cyber threats remain the biggest resilience challenge organisations expect to face over the next 5 years.
Concerns around supply chain vulnerabilities and integrating resilience operations are growing fastest, rising by around 30%
and 40% respectively since 2025.
The Databarracks Data Health Check provides an annual snapshot of IT resilience in the UK, having tracked how organisations prepare for and
respond to disruption since 2008.
The 2026 report shows organisations preparing for a harsher resilience environment, where serious cyber disruption is no longer treated as a remote possibility.
Following a year of high-profile cyber attacks across the UK, 65% of organisations now believe a serious cyber attack could threaten their survival.
There is progress. 90% of organisations now have business continuity plans, and 4 in 5 of those are up to date. Adoption of air-gapped and immutable backups also
continues to grow, putting more organisations in a stronger position to recover from cyber attacks. That recovery capability is reflected in ransomware response:
even as attacks rise, organisations continue to hold the line on payments. 1 in 4 experienced a ransomware attack in the last 12 months. Of those, only 18% paid
the ransom, while 59% recovered from backups instead.
Confidence in continuity and recovery capability is also growing, with 76% of organisations believing they are more resilient than they were 12 months ago.
That confidence is not always backed by testing, however, and likely exceeds capability in many cases.
The overall picture is one of progress and pressure. Organisations are strengthening their resilience posture, but the threats they are facing are becoming
harder to manage through isolated teams, plans or controls. This helps explain why “integrating IT and business resilience” is the most-cited priority for
resilience in 2026.
Modern incidents cut across cyber security, IT operations, business continuity, crisis communications, suppliers and executive decision-making.
Resilience now has to operate across those boundaries.