Cloudflare proudly joins the UK government's Cyber Resilience Pledge Cybercrime
Key Facts
- This trend is consistent with broader data from the UK Cyber Security Breaches Survey, which revealed that 43% of surveyed British businesses and 28% of charities reported suffering from a cyber incident this past year.
- We are grateful that DSIT's toolkit and resources are available to benchmark, reinforce, and support boards' ongoing governance efforts across the entire UK economy.
- These practices help ensure that Cloudflare's critical supply chain undergoes stringent security vetting, meeting the risk-reduction outcomes intended by Cyber Essentials.
- Most breaches still exploit well-understood gaps, like unpatched systems, weak access controls, or poor vendor oversight.
- The network is the sensor Because Cloudflare directly peers with more than 13,000 networks globally, we see attack patterns as they emerge.
- They designed systems to "fail small," and built new tooling to enforce safer configuration changes and automate best practices, so the same failure can't happen twice.
- At the end of 2025, Cloudflare data showed that the UK had risen to be the sixth-most targeted location across the globe for DDoS attacks, with threat actors increasingly targeting application-layer services in financial services, aviation, and regional government infrastructure.
- At the same time, frontier AI models are rapidly changing the security landscape, lowering the barrier to entry for attackers, and enabling more automated vulnerability scanning and more convincing phishing campaigns.
- Cloudflare is fully aligned with the UK government's mission to elevate cybersecurity governance within companies and organizations of all sizes.
- How Cloudflare helps strengthen resilience through security Thanks to the scale of our network, we can help organizations build resilience by shifting protection closer to the edge, before threats reach core systems.
This trend is consistent with broader data from the UK Cyber Security Breaches Survey, which revealed that 43% of surveyed British businesses and 28% of charities reported suffering from a cyber incident this past year. We are grateful that DSIT’s toolkit and resources are available to benchmark, reinforce, and support boards’ ongoing governance efforts across the entire UK economy.
The Criminal Operation
These practices help ensure that Cloudflare’s critical supply chain undergoes stringent security vetting, meeting the risk-reduction outcomes intended by Cyber Essentials.
Further details indicate that most breaches still exploit well-understood gaps, like unpatched systems, weak access controls, or poor vendor oversight.
The network is the sensor Because Cloudflare directly peers with more than 13,000 networks globally, we see attack patterns as they emerge.
They designed systems to “fail small,” and built new tooling to enforce safer configuration changes and automate best practices, so the same failure can’t happen twice.
Victims & Losses
Today, the UK government launched the Cyber Resilience Pledge: a voluntary framework inviting organizations to commit to foundational cybersecurity governance, board-level accountability, and thorough cybersecurity coverage across supply chains. At the end of 2025, Cloudflare data showed that the UK had risen to be the sixth-most targeted location across the globe for DDoS attacks, with threat actors increasingly targeting application-layer services in financial services, aviation, and regional government infrastructure. It asks organizations to make cyber resilience a leadership-level priority, to implement appropriate controls to boost threat awareness, and to help ensure supply chains meet a meaningful security baseline.
At the end of 2025, Cloudflare data showed that the UK had risen to be the sixth-most targeted location across the globe for DDoS attacks, with threat actors increasingly targeting application-layer services in financial services, aviation, and regional government infrastructure.
Cloudflare is fully aligned with the UK government’s mission to elevate cybersecurity governance within companies and organizations of all sizes.
How Cloudflare helps strengthen resilience through security Thanks to the scale of our network, we can help organizations build resilience by shifting protection closer to the edge, before threats reach core systems.
Protection Steps
-
In the first quarter of 2026, Cloudflare’s global network blocked an average of 234 billion cyber threats every day.
-
Recently, we mitigated a hyper-volumetric DDoS attack that peaked at 31.4 Tbps.
-
Most breaches still exploit well-understood gaps, like unpatched systems, weak access controls, or poor vendor oversight.
-
These frameworks explicitly require the implementation of firewalls, secure configurations, user access controls, malware protection, and patch management (the five core pillars of Cyber Essentials).
Analysis
Misconfigurations and patching gaps in cloud environments remain a persistent vector for unauthorized access.
Security teams should monitor vendor advisories and threat intelligence sources closely for additional context or updates. Organizations with mature security programs are advised to incorporate this intelligence into their regular risk assessments and prioritize response activities based on exposure and asset criticality. For environments where immediate remediation is not feasible, compensating controls such as network segmentation, enhanced monitoring, and access restrictions should be evaluated. Security leadership should communicate relevant details to operational teams and ensure that incident response capabilities are prepared if exploitation is observed in the wild.
Sources
Sources & References
- Source referenced in coverage https://blog.cloudflare.com/cloudflare-joins-uk-cyber-resilience-pledge/
SecurityXP delivers daily cybersecurity news, vulnerability analysis, data breach reports, and threat intelligence.
Security Digest
Get the latest cybersecurity news, vulnerability alerts, and threat intelligence delivered to your inbox.
Related Articles
Scattered Spider Hackers Plead Guilty on Day 1 of Trial Cybercrime
According to the NCA, the cyberattack at TfL forced all 28,000 employees to visit their local offices to reset their passwords and caused £29 million...
Cybercrime14,971 WordPress Sites Cleaned in Global SocGholish Takedown Cybercrime
Data from Infoblox shows that approximately 55% of its cloud customers attempted to reach SocGholish infrastructure this year alone, with the attacks...
CybercrimeConti Ransomware Conspirator Pleads Guilty in $150M Scheme Cybercrime
Department of Justice announced that Oleksii Oleksiyovych Lytvynenko, 44, admitted to participating in a conspiracy that deployed Conti ransomware against...
CybercrimeEx-school district employee jailed for hacks on former employer Cybercrime
Potter is also required to pay $59,668.81 in restitution to the Saydel Community School District and its insurer, Travelers Casualty and Surety Company, for...