In 2025, the UK’s cyber resilience has been tested like never before. Major brands have made headlines after suffering disruptive cyberattacks, forcing them to halt operations and exposing sensitive customer data.

These incidents are not isolated. The UK government’s latest Cyber Security Breaches Survey reveals that 43 per cent of UK businesses experienced a cyber breach or attack in the past year, rising to 74 per cent among large organisations. Phishing remains the most prevalent and disruptive threat, and the financial and reputational costs are mounting. 

For IT decision makers, the message is clear: robust device management is no longer optional, it’s a strategic imperative. 

The evolving threat landscape

• Identity is the new perimeter: With traditional network boundaries dissolving, user identities have become the frontline of defence. Almost all (97 per cent) identity hacks are password spray or brute force attacks. Despite headlines proclaiming more sophisticated attacks, the majority of identity-based attacks still target weak or reused passwords.

• Ransomware on the rise: Human-operated ransomware attacks have surged, with 90 per cent of successful breaches originating from unmanaged devices outside the visibility and control of IT. 

• The AI impact: AI-driven phishing is now three times more effective than traditional methods. The increasing use of AI by attackers poses new challenges for detection and response, although AI can equally be used to defend against attacks such as by detecting anomalous sign-in patterns.

Why Traditional Approaches Fall Short 

Legacy Mobile Device Management (MDM) is no longer sufficient. The modern enterprise requires Unified Endpoint Management (UEM) and Unified Endpoint Security (UES) – these integrate antivirus, encryption, detection, and response into a single platform, ensuring consistent security across all devices and operating systems. 

How enhanced device management protects your organisation 

1. Limit identity breaches by adopting… 

• Mandatory Multi-Factor Authentication (MFA): Enforce phishing resistant MFA across all devices to drastically reduce the risk of unauthorised access, even if passwords are compromised. 

• Adaptive Access Policies: Integrate with Identity and Access Management (IAM) systems to trigger additional authentication or restrict access based on risk factors like device health, location, or user behaviour. 

• Continuous Monitoring & Zero Trust: Leverage AI and machine learning to monitor for anomalies, enforce “never trust, always verify” principles, and detect compromised credentials before they’re exploited. 

2. Prevent data breaches with… 

• Robust Encryption: Ensure data is encrypted both in transit and at rest, including full-disk encryption and protection for removable media. 

• Data Loss Prevention (DLP): Flag, track, and control sensitive data to prevent unauthorised sharing or exposure. 

• Remote Device Control: Instantly lock or wipe lost or stolen devices to prevent data leaks. 

Turning theory into practice 

Addressing Unmanaged Devices 

• Device Discovery: Use tools like Microsoft Defender for Endpoint to identify all devices (managed and unmanaged) on your network. 

• Onboarding: Bring unmanaged endpoints under management to close visibility gaps and reduce vulnerabilities. 

Leveraging Microsoft’s Ecosystem 

• Microsoft 365 & Defender Suite: Deploy built-in MDM, DLP, and Conditional Access Policies for consistent, integrated security. 

• Intune Security Baselines: Rapidly deploy recommended security configurations to all managed devices, addressing the root cause of most breaches – poor configuration. 

Navigating the Age of AI 

• BYOAI Risks: With four in five AI users bringing their own tools to work, device management is essential for controlling application use and preventing data leakage using tools like Microsoft Defender for Cloud Apps.  

• AI-Driven Security: Modern device management platforms use AI to predict threats, automate policy updates, and shift security from reactive to proactive. 

What next?

1. Assess your current device management posture: Identify unmanaged devices, poor configurations, and BYOAI risks. 
2. Adopt a unified, AI-powered device management strategy: Leverage Microsoft’s ecosystem and you’re existing M365 investment for comprehensive protection. 
3. Don’t wait for a breach: Proactive action today is the best defence for tomorrow’s threats.