What is ransomware and should UK businesses be worried?

Ransomware is malicious software that encrypts your data and demands payment for its return. Approximately 19,000 UK businesses were hit by ransomware in 2025. The median UK ransom demand has doubled to $5.37 million, and average recovery costs reach $2.58 million excluding the ransom itself.

How much should a small business spend on cybersecurity?

UK businesses typically allocate 13.2% of their total IT budget to cybersecurity. More than half of UK small businesses increased their cybersecurity spending in 2024. 85% of UK firms plan to boost their cyber budget for 2026. The cost of prevention is significantly less than the average breach cost of £3,550.

Do small businesses really need cybersecurity?

Yes. 50% of small businesses (10-49 employees) reported a cybersecurity breach in 2025. UK small businesses face around 65,000 hack attempts daily, with approximately 4,500 successful breaches. More than a quarter of SMBs say a single cyber attack could put them out of business entirely.

How do supply chain attacks affect UK businesses?

Only 14% of UK businesses formally review cyber risks from their immediate suppliers. 35.5% of all global data breaches in 2024 originated from third-party compromises. Supply chain attacks add an average of £241,620 to the total cost of a breach and take 267 days to detect and contain.

What is business email compromise (BEC)?

BEC is a type of fraud where attackers impersonate executives or suppliers to trick employees into transferring funds or sharing sensitive data. BEC attacks increased 33% in 2025. The average loss per BEC incident is $137,000. Even organisations with fewer than 1,000 employees face a 70% weekly probability of a BEC attempt.

Managed SOC vs In-House Security Team: Which Is Right for Your Business?

For most UK SMEs, building an in-house security operations function is cost-prohibitive and impractical. A managed SOC provides equivalent or better coverage at a fraction of the cost — but understanding the trade-offs helps you choose the right model.

See the Comparison

Last updated: March 2026

Direct Answer

For most UK SMEs, a managed SOC is more cost-effective than building in-house. A managed SOC provides 24/7 monitoring, threat detection, and incident response on a fixed monthly fee — typically £1,500–£5,000 for a 50-user business. An in-house equivalent requires 2–3 analysts at £50,000–£80,000 each, SIEM tooling, and 24/7 shift coverage. For businesses under approximately 500 employees, managed is almost always the right answer.

Key Considerations When Comparing the Two Models

These factors determine which approach is more appropriate for your organisation's size, sector, and risk profile.

Total Cost of Ownership

An in-house SOC requires analyst salaries, SIEM licensing, EDR tooling, shift allowances, and management overhead. Managed SOC pricing is typically a fixed monthly fee.

Time to Deploy

A managed SOC can typically be operational within weeks. Hiring, onboarding, and tooling an in-house function can take six to eighteen months.

Analyst Expertise

Managed providers maintain teams with diverse specialisms and exposure to threat intelligence across many clients. In-house analysts may have narrower experience.

Control and Visibility

In-house teams offer more direct control over processes and tooling. Managed providers should offer transparent reporting and clear SLAs as an alternative.

24/7 Coverage

Staffing three eight-hour shifts with qualified analysts is expensive and operationally complex. Most managed SOC providers offer genuine 24/7 coverage as standard.

Data Sovereignty

Some organisations require security data to remain within their own environment. UK-based managed SOC providers can address most data residency concerns.