ManageEngine: UK tops European cyber attack rate but leads on resilience
Three in four British organizations were breached last year, yet the UK also ranks highest for formal cyber resilience frameworks and incident review practices
The United Kingdom has recorded the highest artificial intelligence (AI)-era cyber attack rate of any country in a new five-nation European survey, with 77% of British organizations reporting a cyber incident in the past year, 11 percentage points above the European average.
Yet the same research shows the UK ranking first in Europe for cybersecurity maturity, formal resilience frameworks and executive engagement, presenting what one senior industry figure has called a resilience paradox.
The findings, drawn from a ManageEngine survey of 1,514 information technology (IT) and business decision-makers across the UK, Spain, Germany, Italy and the Netherlands, suggest that visibility and maturity are amplifying rather than suppressing the number of attacks.
A highly digitized, interconnected infrastructure combined with rapid cloud adoption and hybrid working has elevated Britain's exposure. The challenge facing organizations is no longer primarily one of prevention.
“UK organizations are facing one of the most challenging cyberthreat environments in Europe, with attacks growing in both volume and sophistication. However, the findings also show that businesses are responding proactively by investing in resilience, strengthening governance and prioritizing preparedness for AI-driven threats,” said VimalRaj Sampathkumar, technical head for the UK and Ireland at ManageEngine.
Sampathkumar framed the situation as a structural shift in how British organizations think about risk. Cyber security in the UK is no longer primarily a prevention problem. Organizations are assuming attacks will happen, and the focus has moved to how quickly they can detect, respond and recover.
“What stands out amongst the findings is not a lack of awareness but rather the sheer operational strain organizations are under. UK businesses are investing, formalizing resilience practices, and increasing board engagement, but attackers are evolving just as quickly,” he said.
The gap between detection and recovery is one of the study’s most striking findings. While 94% of UK organizations detect incidents within 24 hours, fewer than half recover within 10 days. About 26% said recovery can extend beyond 10 days, with approximately 6% taking more than 20 days.
Nearly all UK organizations (96%) conducted a formal review after an attack, and 83% implemented at least some post-incident improvement. However, 13% resolved the incident without making any strategic changes, and only 37% adopted broader, long-term improvements.
ManageEngine is a division of Zoho Corporation and provides enterprise IT management software spanning IT service management, endpoint management, identity and access management, privileged account management, and security information and event management (SIEM). The company has more than 60 integrated products.
Sampathkumar and senior technology evangelist Vivin K Sathyan presented the survey findings at a media briefing in London ahead of Infosecurity Europe 2026.
AI attacks accelerate
On June 2, Sampathkumar and Vivin K Sathyan, senior technology evangelist at ManageEngine, presented findings from the company's Owning Operational Resilience in 2026 report at a media briefing in London ahead of Infosecurity Europe 2026.
Also in attendance was Muiez Azeez, senior IT administrator at the University of Bedfordshire, who offered a customer perspective on the pressures facing British institutions.
About 43% of UK respondents predict that AI-powered attacks will be their biggest risk over the next 12 months, ahead of traditional threats such as ransomware, phishing and data breaches. AI and advanced threat preparedness will be the top spending commitment for 41% of UK organizations over the next 12 to 24 months.
“We are seeing an uptick in the number of AI-related attacks, so the defense also has to be on the same level, though we are still catching up,” Sathyan said.
He said identity-related threats are the primary category where AI is amplifying risk. Decoding user and entity behaviors has become significantly harder as AI enables attackers to blend in with normal network activity.
Sathyan said the approach ManageEngine takes to address this challenge is risk scoring, looking at dynamic parameters alongside static ones to add more context. He said organizations using multiple siloed tools can no longer decode behaviors the way they once could.
Sampathkumar said the nature of the threat had not fundamentally changed but its reach had.
“It is not a new type of attack that is emerging. The difference is the scale and speed at which attackers can now infiltrate a company’s network. Where an attacker could traditionally infiltrate 10 machines at a time, with AI the same person can now infiltrate 1,000 machines simultaneously,” he said.
The operational pressure bearing down on IT and security teams compounds the threat picture. About 46% of UK respondents cited a skills gap driven by rapidly evolving threats as their primary operational challenge, the highest of any country surveyed and 9 percentage points above the European average of 37%.
Separately, 60% said pressure on their teams had increased over the past 12 months, and one in four said workload had critically limited their ability to prevent or respond to incidents.
“The shift has now moved from alert fatigue or technical fatigue. It is not that companies do not know what to do in the event of an incident. It is that they are operationally stretched,” Sathyan said.
Team fatigue and burnout were cited as a key challenge by 29% of UK respondents, the highest rate in Europe and notably above the European average of 21%. Insufficient support from management was cited at the same level.
“When you have the right context in hand, you will be able to solve the problems a lot more quickly and recover faster. But when you do not have enough context to act, you do not know what you are really fighting,” he said.
Sathyan said fragmented tooling is the root cause of operational overload. When identity and access management, SIEM, endpoint management and vulnerability tools operate independently, teams lose the holistic view needed to respond effectively. Adding more tools is not the answer; contextual integration between existing ones is.
Zia LLM and agents
ManageEngine has built its own large language model (LLM) in response to customer concerns about sharing data with hyperscalers. The model, called Zia LLM, is designed around a right-sizing principle.
“Customers want to adopt AI but are very concerned about sharing data with hyperscalers,” Sampathkumar said.
He said customers sometimes want data processed internally within their own tools, with the AI built internally, and that this was one of the reasons the company built its own LLM.
Sathyan said the company has operated an AI research initiative for 12 to 13 years, moving from basic machine learning to its current LLM. He said enterprise customers can be served effectively with a few billion model parameters rather than trillions, avoiding unnecessary computational cost.
“When all the noise settles, only contextual AI stands out. The overall idea is not to introduce AI as a separate entity, but to integrate it contextually into existing offerings so that end users get more value out of the box,” he said.
ManageEngine also offers integrations with hyperscaler AI providers for customers who prefer that route. Its copilot product, Ask Zia, functions as a conversational assistant embedded within existing tools. Through its Agent Studio marketplace, customers, partners and developers can create and customize their own AI agents.
The proliferation of AI agents is creating a new governance problem that few organizations have yet addressed. When a single user deploys multiple agents, each agent inherits that user’s identity and permissions, making it nearly impossible to audit individual agent actions or enforce least-privilege access.
“When one physical user fires off multiple AI agents to do their job, you have multiple agentic identities mapped to the same user. We will have to have governance policies and auditing rails in place, and we are actually looking at that possibility,” Sathyan said.
He said a small number of large enterprises deploying agents at scale are beginning to adopt what he called AASB (agent-as-security-broker), a framework analogous to CASB (cloud access security broker). The key question is whether agents operate with just-in-time access or carry bloated standing permissions inherited from the human user.
Azeez said the education sector faces a particular version of these pressures, shaped by chronic under-resourcing and an open, collaborative operating model.
“In the education sector, you are limited with staff and you have to manage within that. On top of that, you have too many collaborations, because that is how teaching works. There is so much load on the cybersecurity side to keep everything secure,” he said.
The University of Bedfordshire is actively evaluating a security operations center (SOC) solution and working to build AI security visibility into that function.
Azeez said higher education institutions vary widely in maturity, with some domains fully mapped while others remain exposed. The university is audited annually and its resilience posture has improved year by year.
“The most resilient organizations over the next few years will likely be those that combine strong governance, operational simplicity and trusted AI-driven security,” Sampathkumar said.
For the UK, the survey suggests that combination is within reach, but assembling it under growing operational strain and accelerating AI threats will define the next phase of Britain’s cyber resilience story.



