Cyberattacks in Cyprus: Every Second Company Targeted in 2025

The results of two national digital security surveys for 2025, conducted by the Office of the Commissioner for Communications and the Digital Security Authority of Cyprus, have been published.

The studies covered 459 companies and 1,043 citizens, revealing alarming trends in cybersecurity.

Businesses under fire:

• 53% of companies were subjected to cyberattacks in the last 12 months (up from 47% in 2024).
• On average, one attack is recorded every 8 days.
• More than half of the affected companies suffered financial losses — averaging 12,000 euros.
• The most common type of attack is phishing (44%).
• 48% of companies that did not face an attack believe they are "not a target."
• Almost a quarter of enterprises have not updated their cybersecurity policies for over a year.
• 43% stated they were unaware of the existence of training seminars.

Situation among citizens:

• The proportion of citizens facing cyberattacks decreased to 33% (from 49% in 2024).
• The average number of attacks per victim is 25.9 per year.
• 17% of victims suffered financial damage — averaging 141 euros.
• The most frequently targeted age group in 2025 is 35–44 years old.
• 74% of citizens are unaware of cybersecurity training programs.

However, those who completed training are more likely to use complex passwords and avoid suspicious websites.

The Digital Security Authority plans to expand information campaigns and events for businesses and the public, including the "Cybersecurity For All" festival and a cybersecurity career fair. Special attention will be given to people over 65 and educational institutions.