In the past couple of months, cyber attacks on well-known brands have been making headlines across the º£½ÇÊÓƵ, but what's going on behind the scenes?
Since late April, major brands including M&S, Co-op, Harrods, Dior and Peter Green Chilled have all fallen victim to cyber attacks, leading to financial losses, as reported by .
However, no company has been hit as hard as M&S. Since 22 April, when its online services were suspended, customers of the FTSE 100 retailer have been unable to purchase M&S products online.
Despite this, M&S had cyber insurance coverage, so while it estimates losses of around £300m, its insurance should cover up to £100m, unlike Co-op and Harrods, which, according to Insurance Insider, did not have a cyber insurance policy.
There has never been a better advertisement for having cyber insurance coverage and a strategy in place.
So, with a recent spate of attacks targeting, among others, the retail sector, what happens behind the scenes?
Crisis mode
For companies with coverage and a strategy in place, an insurance expert explained that their role is to provide a panel of vendors, including lawyers, ransom negotiators, and communication experts.
Ransom negotiators play a part in determining the legality of paying ransoms and negotiating with threat actors.
The attack on M&S was reportedly carried out by Scattered Spider, a group of young teenagers who are more interested in gaining access to systems than monetary rewards.
Alistair Clarke, London cyber broking leader at Aon, outlined the role of specialists in ransom situations: "The decision on whether to pay the ransom is never easy, and in some circumstances, doing so might fall foul of sanctions. Ultimately, though, the business will have to weigh the commercial imperatives against the moral considerations of paying the ransom."
Tom Pelham, partner at Kennedys and member of the Forum of Insurance Lawyers, shed light on the role of legal professionals in such incidents: "Cyber incident response lawyers operate on a 24/7 basis, and we tend to arrive on the scene within minutes or hours of the incident unfolding."
He emphasised that their role extends beyond legal advice to project management and strategic guidance: "However... lawyers are advising on much more than strict legal analysis; we often project manage the response, advise on wider commercial considerations and, in some cases, guide clients on whether or not they should negotiate with the threat actor responsible,".
Another crucial factor for businesses to consider is effective communication, particularly when personal data is involved in these breaches.
But the current attacks in the retail sector "highlight the importance of cyber insurance, alongside robust cyber risk management," Clarke added.
