In a stark reminder that no business, no matter how large, is immune to threats, Marks & Spencer (M&S) recently suffered a serious cyber security breach. A significant cyber incident forced the retailer to pause all online orders. Customers reported issues with online payments, Click & Collect services, and gift cards across the company’s platforms.
In response to the ongoing fallout, M&S issued refunds for orders placed, apologised publicly, and enlisted leading cyber experts to support their recovery efforts. The company’s shares dropped by five percent following the announcement. Although M&S stores have remained open, a major disruption severely affected online sales, which account for almost a quarter of their revenue.
This incident highlights how quickly a cyber security breach can cause widespread operational and financial damage. For businesses of all sizes, the message is clear: robust cyber security is essential to prevent a cyber security breach.
At The Unite Group, we help organisations protect themselves through government-backed schemes like Cyber Essentials and Cyber Essentials Plus. It is vital to act now before a cyber breach causes disruption and loss.
Why Cyber Breaches Are a Growing Threat
Cyber criminals are becoming more sophisticated. Cybercriminals are no longer targeting just large corporations; they are now focusing on small and medium-sized businesses, often viewing them as easier targets with weaker defences.
The M&S cyber breach shows that vulnerabilities can affect even the biggest names in retail. Third-party vendors, payment systems, and remote working environments can all introduce risks. Without strong, independently verified security measures, businesses leave themselves exposed to breaches, financial loss, and reputational damage.
M&S quickly informed the Information Commissioner’s Office and the National Cyber Security Centre, highlighting the seriousness of the breach and the legal obligations companies face when personal or financial data is compromised. A cyber breach severely damages customer trust, and rebuilding that relationship can be extremely difficult and costly.
What Is Cyber Essentials and How Can It Help?
Cyber Essentials is a government-backed certification scheme designed to help businesses protect themselves from the most common cyber threats. It outlines a clear set of security controls that significantly reduce the risk of attack, defending against around 80 percent of the most basic cyber breaches.
The scheme focuses on five key areas:
- Access Control: Managing who has administrative access so that sensitive information is restricted to authorised users.
- Software Updates: Keeping all systems updated and patched to protect against known vulnerabilities.
- Firewalls and Routers: Creating a protective barrier between your internal network and external threats.
- Secure Configuration: Ensuring devices and software are set up securely, with unnecessary features and accounts removed.
- Malware Protection: Using correctly configured anti-malware solutions to detect and prevent attacks.
Cyber Essentials ensures that your business has strong foundational defences in place. It is a crucial step for organisations that want to protect their systems and customers from a potential cyber breach.
Going Further with Cyber Essentials Plus
For businesses that want a higher level of protection, Cyber Essentials Plus offers a more detailed certification. It includes an independent technical audit, vulnerability scans, and in-depth checks on both internal and external systems.
Achieving Cyber Essentials Plus shows that a business takes cyber security seriously. It reassures customers, suppliers, and partners that systems are tested and robust.
The key benefits of certification include:
- Protection against a wide range of cyber threats
- Increased trust from customers and partners
- Eligibility to work with Government departments and the Ministry of Defence
- A clear demonstration of your commitment to data protection
- Global recognition as a business that values cyber security
Why Choose The Unite Group?
At The Unite Group, we do more than guide you through the certification process. Our team of fully qualified Cyber Essentials practitioners manages everything for you, from the initial assessment to issuing your certification.
We offer a fixed-cost service with no hidden charges, giving you clear guidance every step of the way. Whether you need Cyber Essentials or Cyber Essentials Plus, we make the process simple and straightforward.
Most importantly, we help you create lasting cyber security practices that protect your business against the growing risk of a future cyber breach.
Do Not Wait Until It Is Too Late
The M&S cyber security breach has shown that even the most respected brands can be vulnerable. Do not wait for a cyber security breach to damage your reputation, disrupt your operations, and affect your bottom line.
Investing in your cyber security now is one of the smartest decisions you can make. If you would like to learn more about how Cyber Essentials can protect your business, contact The Unite Group today on 0191 466 1050 or email info@theunitegroup.co.uk.
Protect your business today with The Unite Group.