For the past decade, we have been researching consumer attitudes towards cybersecurity. Through our research with BT, CISOs under the Spotlight, one thing has become clear; concerns are growing, and trust in companies handling personal data is fragile. From financial fraud to identity theft, people feel vulnerable in the digital world, a clear finding from our consumer insight work with payments companies. For CISOs and their teams, concerns are so great discussions about their mental health have become an important topic for conferences and commentary.
So, what are consumers saying that is relevant to cybersecurity in 2025? Here are some key insights using data principally from the UK Government:
Media Awareness is High – 58% consumers say they notice reports in the media about organisations losing customer data. This suggests that cybersecurity breaches are widely publicised, and people are paying attention. Recall of the brands affected, certainly in the few weeks after a breach, is very high.
A Riskier Digital World – More than three quarters, 78%, of consumers, agree that life is riskier today than it was five years ago. This reflects global security, the aftermath of the pandemic, and growing anxieties about personal security in an increasingly connected world. The impact of AI through deep fakes, more sophisticated phishing and other frauds is being felt by consumers and organisations. 
Financial Fraud Is Underreported – Many consumers (74%) believe that organisations do not publicly admit the true extent of financial fraud. This perception creates distrust and makes it harder for companies to regain consumer confidence after a breach. Sometimes, organisations can not be open about the attacks they face but when safe, consumers expect transparency.
Data Breaches May Be Worse Than We Think – A significant majority (71%) suspect that companies have lost more customer data than they publicly report. This fuels a sense of uncertainty about how secure personal information really is. Some consumer report a sense of hopelessness or resignation about the security of their data while others still take steps to protect themselves.
Companies Need to Step Up – Most consumers (68%) believe that when large organisations suffer a data breach, they should notify all affected customers. Nearly half (49% ) think that governments should hold these companies accountable for their failures. This could be through regulation or fines.
Companies That Have Faced Cybersecurity Issues – Several major companies have suffered cybersecurity breaches in recent years, exposing customer data and raising concerns about digital security. Notable cases include the NHS (2023) and Facebook (Meta) (2021). Some cybersecurity experts say when not if to describe the likelihood of a data or network breach. This highlight vulnerabilities in data protection, the impact of unauthorised access, and the risks posed by failing to address known security weaknesses. These breaches emphasise the need for stronger cybersecurity measures, such as timely software updates, employee training, and improved incident response plans.
Identity Theft Is Hard to Fix – Among those who have experienced identity theft, 37%, say resolving the issue was extremely difficult. The challenges of restoring one’s identity highlight the long-term impact of cybercrime. If financial fraud is involved, it can take months to be fully reimbursed if ever.
Device Hacking Is a Serious Issue – Nearly a third (29%) of consumers report that resolving the hacking of their PC, tablet, or smartphone was extremely difficult. This points to a need for better security measures and customer support.
Common Types of Online Scams – Cybercriminals use various tactics to exploit individuals online. Common scams include phishing emails that trick users into revealing sensitive information, ransomware attacks that lock victims out of their files, and fraudulent e-commerce sites that steal payment details. Other scams involve impersonating tech support representatives, investment fraud, and romance scams that emotionally manipulate victims for financial gain. To protect themselves, consumers have to remain vigilant by verifying sources before sharing personal information, using secure payment methods, and reporting suspicious activities. Awareness and caution are crucial in avoiding online scams and minimising digital security risks.
Online Account Hacks Are Hard to Recover From – A quarter (25%) of consumers say recovering from an online account hack was extremely difficult. Given the reliance on digital services, this underscores the importance of strong passwords and multi-factor authentication.
What Can Davies Hickman Do?
We plan to continue tracking the emerging cybersecurity landscape. By understanding both the consumer and business experience we are able to help our clients to understand the steps they should take to protect their brand in the highly competitive marketplace that many operate. Technology can help secure networks and data but human behaviour remains a powerful lever to protect from fraudsters, scammers and organised criminals.
In short, cybersecurity is no longer just a concern for IT professionals—it affects everyone. As threats evolve, so must our defences, both at the corporate and individual levels. What do you think? Are companies doing enough to keep your data safe?
Researched and written by Naomi Waheed and Marcus Hickman at Davies Hickman.