"In the recent M&S breach, only £100 million of cyber insurance was in place, far short of the £300 million in damages incurred, leaving the retail giant significantly underinsured. With more retailers relying heavily on online operations and third-party platforms, the financial impact of operational downtime from data breaches can be severe and widespread. Yet many businesses still lack adequate-or any-cyber insurance."
"The M&S breach occurred through a third-party payroll provider via a file transfer tool vulnerability, highlighting a key risk: retailers with strong internal systems remain exposed through their supply chains. Supply chain vulnerabilities are a growing concern. As the M&S incident shows, cybercriminals may exploit third-party relationships or internal service desks to gain access and move laterally. Comprehensive cyber insurance should account for the reality of today's risks, providing coverage for incidents that originate only within yo"
"The M&S cyberattack demonstrates that a well-coordinated cyber event can bring even the most established retailers to a standstill. Smaller retailers, often with fewer resources and less robust security, are even more exposed.Cyber insurance is not just about transferring risk - it's about ensuring you have access to expertise, support, and financial protection needed to recover and continue trading when the worst happens."
Retailers face heightened digital threats and rising financial exposure from cyberattacks, especially when reliant on online operations and third-party platforms. The M&S breach left the company significantly underinsured after £100 million of cyber insurance covered only a fraction of £300 million in damages. The breach exploited a third-party payroll provider via a file-transfer tool vulnerability, demonstrating supply chain exposure despite strong internal systems. Many businesses lack adequate or any cyber insurance, increasing operational downtime risks. Comprehensive risk assessments, forecasting potential incident costs, and securing sufficient cyber insurance that covers third-party-originated incidents provide expertise, support, and financial protection for recovery and continuity.
Read at Business Matters
Unable to calculate read time
Collection
[
|
...
]