High-profile cyber-attacks have dominated the headlines this year, whether those against Marks & Spencer, the Co-op or Jaguar Land Rover (JLR). These major cyber-attacks cause significant disruption and financial losses to businesses, with some analysts projecting the potential negative impact on JLR’s revenues to be £50 million per week during the enforced shut down. However, the majority of data breaches do not involve a third-party threat actor, with non-cyber breaches consistently making up the vast majority of data breaches notified to the Information Commissioner’s Office (ICO) each year since 2019.