New analysis reveals information, tech, and professional sectors most at risk as flexible offices rise in popularity. This comes at a time where aroundย 21ย million British computer users risk becoming vulnerable to cyberattacks and scams tomorrow, with Microsoft ending updates for its decade-old Windows 10 system…
Over two-fifths of businesses (43%) reported experiencing a cyber security breach or attack in the last 12 months, equating to approximately 612,000 businesses across the UK.ย
As remote and flexible working continue to shape the UKโs professional landscape, shared offices and coworking environments have become vital for collaboration and growth. Yet the increased use of shared networks, devices, and systems has also opened new doors for cybercriminals.ย
Microsoft has warned 400 million Windows users worldwide to brace for potential security threats once support stops, leaving many PCs exposed.ย
Office infrastructure experts, Co-space, analysed government data to identify which sectors were most affected by security breaches and how the right workspace environment can reduce risk.ย
โWorkplace scams have become more sophisticated, and shared workspaces can unintentionally provide an attractive entry point if businesses are not properly protected,โ said William Stokes, CEO of Co-space. โWhether through free Wi-Fi, communal devices, or the diversity of tenants, open environments demand a greater focus on cyber hygiene. Awareness and prevention are key.โย
Most targeted sectors by cyberattacks over the past 12 months:
| Industry Sectorย | % of Businesses Targetedย |
| Information or communicationsย | 69%ย |
| Professional, scientific or technicalย | 55%ย |
| Administration or real estateย | 48%ย |
| Finance or insuranceย | 48%ย |
| Utilities or productionย | 48%ย |
| Businesses overallย | 43%ย |
| Entertainment or serviceย | 42%ย |
| Health or social careย | 41%ย |
| Constructionย | 40%ย |
| Transport or storageย | 35%ย |
| Retail or wholesaleย | 32%ย |
| Food or hospitalityย | 30%ย |
ย
Technology-driven and information-rich sectors, such as information and communications (69%) and professional, scientific or technical services (55%), remain the most targeted by cyberattacks.ย ย
These industries handle high volumes of sensitive client and financial data, making them natural focuses for cybercriminals.ย
Finance, insurance and utilities sectors also report high breach rates (48%), reflecting both the complexity of their operations and the value of their digital assets.ย ย
By contrast, industries like hospitality, retail, and food services show lower rates of breaches, though they still face risks from scams involving payments or customer data.ย
However, the growing popularity of flexible office environments, particularly among administrative, real estate, and service industries (42-48%), shows that coworking has become a mainstream business model.ย ย
ย
Modern workspace operators are meeting this demand with enterprise-grade digital protection, including managed Wi-Fi, access controls, and real-time network monitoring systems that small and mid-sized firms might otherwise struggle to afford.ย ย
Phishing remains the UKโs most common form of cyberattack, though reports have dipped slightly from 42% in 2024 to 37% in 2025.ย
Other leading threats include ransomware, spyware, and identity theft, which continue to affect businesses across all industries, whether remote, hybrid, or office based. In total, 43% of businesses overall experienced some form of cyberattack over the past year.ย
To help businesses stay protected in flexible or shared environments, Co-space recommends:
ย
- Educating teams to spot phishing and suspicious communicationsย
- Using VPNs, strong passwords, and multi-factor authentication on shared networksย
- Regularly updating and patching systems to close vulnerabilitiesย
- Verifying all payments and invoices via trusted secondary channelsย
- Segmenting Wi-Fi to separate business data from guest accessย
- Monitoring connected devices, including printers and IoT equipment, for unusual activityย
ย
โCyber risks arenโt going away, but neither is the shift to flexible work,โ said William. โThe way we work has evolved faster than the way many organisations protect themselves online. Shared and hybrid environments bring people, systems and ideas together, that combination can create both opportunity and exposure.ย
โThe real risk isnโt the workspace itself, but complacency. When teams share networks, devices or platforms, even one moment of inattention can open the door to an attacker. Strong security discipline, two-factor authentication and simple awareness of suspicious activity can prevent far more damage than expensive software ever will.ย
โAs businesses continue blending physical and digital spaces, cybersecurity must become a shared responsibility. Itโs not just an IT issue anymore, itโs a professional skill. Protecting data is now part of protecting productivity.โย
