M&S attack exposes long term cyber fallout for UK firms

Date: 2025-05-19

The long tail of cyber attacks is becoming clearer, and more costly, for UK businesses.

New data from Hiscox revealed that the long-term brand and commercial damage from breaches has more than doubled in the past year, underscoring the mounting risks in an AI-driven threat landscape.

In its latest cyber readiness report, Hiscox found that 47 per cent of companies hit by cyber attacks in 2024 reported greater difficulty attracting new customers, which is more than twice the 20 per cent recorded in 2023.

Customer loss jumped from 21 per cent to 43 per cent, while brand-impacting bad publicity rose from 25 per cent to 38 per cent.

Marks and Spencer risks becoming a case study in reputational fallout, following a major April breach that disrupted its operations for weeks and exposed customer data.

Analysts estimated that the FTSE 100 retailer lost more than £60m in online sales, while its share price has shed around £1.3bn in value.

M&S is expected to claim as much as £100m from its cyber insurance policy.

Brand trust and business partners at risk

Risks to businesses go far beyond lost sales.

One in five firms affected by cyber attacks in 2024 lost business partners, according to the report – a notable rise from 16 per cent last year.

The findings revealed how cyber vulnerabilities are now bleeding into long-term commercial relationships.

“All businesses are at risk of cyber attacks, particularly as threats evolve in line with AI developments”, said Alana Muir, head of cyber at Hiscox.

“Cyber insurance not only provides financial protection in the event of a breach but also gives businesses the resources to recover swiftly”.

The rise of generative AI is exacerbating the challenge.

Durgan Cooper, chair of tech firm CETSTAT, warned that AI is “lowering the barrier to entry” for cyber criminals, enabling faster, more personalised attacks.

With 34 per cent of firms admitting their security has been compromised by a lack of tech expertise, readiness is lagging behind threat levels.