Recent cyber-attacks targeting Marks & Spencer, Co-op, and Harrods have once again underscored the urgent and growing need for organisations to build cyber resilience. These high-profile breaches have made headlines and highlighted the vulnerabilities even major retailers face in the current threat landscape.
According to a recent National Cyber Security Centre (NCSC) assessment on “the near-term impact of AI on the cyber threat”, artificial intelligence (AI) is expected to significantly increase both the frequency and sophistication of cyber-attacks within the next two years.
AI-enhanced threat vectors include:
- Highly convincing phishing emails and fake websites
- Deepfake voice and video impersonation
- Biometric spoofing
- Fake online personas used to extract sensitive data, manipulate public opinion, or conduct extortion
The hacking group DragonForce, which claimed responsibility for the attacks on M&S, Co-op, and Harrods, reportedly gained access by impersonating employees, deceiving IT help desks into resetting credentials and breaching internal systems. This highlights a critical vulnerability, the human factor, and reinforces the need for robust staff awareness training as a frontline defence.
In Issue 6 of the UK Resilience Lessons Digest (April 2025), the UK Resilience Academy identified six key themes and lessons from recent cyber incidents:
Theme 1: Cyber Security Hygiene
Basic controls such as timely software updates, strong passwords, anti-virus protection, and multi-factor authentication remain essential but are still inconsistently applied.
Theme 2: Planning and Preparedness
Many organisations lack dedicated cyber incident response plans, and staff are often under-trained in how to respond. Regular scenario-based exercising and improved threat detection capabilities are critical to closing this gap.
Theme 3: Incident Management
Effective response requires immediate access to response protocols and alternative communication channels if primary systems are compromised. Organisations must also plan for attacks timed for holidays or weekends to exploit staffing weaknesses.
Theme 4: Recovery Challenges
The emotional and operational impact of prolonged cyber incidents can be severe. Businesses must prepare for sustained recovery periods, maintain immutable backups, and ensure the ability to restore clean systems efficiently.
Theme 5: IT Infrastructure Weaknesses
Legacy systems, bespoke applications, and poor network segmentation remain high-risk. Organisations should invest in internal IT capability and have on-call access to cybersecurity experts.
Theme 6: Cyber Governance and Leadership
Cyber resilience is not just a technical issue — it’s a board-level responsibility. Senior leadership must provide clear oversight, allocate resources, and ensure the organisation is equipped to respond to cyber threats proactively and effectively.
Final Thought
Cyber resilience is no longer optional — it is a strategic necessity. As threats become more complex and AI-enhanced attacks more prevalent, businesses must move beyond awareness and commit to structured, tested, and well-governed resilience strategies.
First published on LinkedIn.
