Unlock the publisher’s digest free
Roula Khalaf, editor -in -chief of the FT, selects her favorite stories in this weekly newsletter.
Cyberattacks take longer to repair, and are more a distraction that the bosses of afflicted companies tend to think at the beginning. This is what the other heads of management said to Stuart Machin de Marks and Spencer, now four weeks after an attack which will cost him 300 million pounds Sterling, or around 30% of the operating profit from last year.
What is bad for hacking victims is good for technology suppliers because it encourages cybersecurity expenses. More than four out of 10 companies have declared violations or security attacks in the last 12 months, according to the investigation into the violations of cybersecurity of the British government. While retailers make the headlines – Harrods and the group of supermarkets, the cooperative has also been affected – other industries are even more exposed.
Technology is therefore part of the cost of cleaning. M&S, for example, accelerates its digital and technological plans. The British retailer had already doubled cybersecurity expenses since 2021. Globally, investing in anti-hacking software increases by a percentage in mid-adolescents each year, the estimates of TD Cowen, and will reach 300 billion dollars by 2028. This has stimulated the rapid growth of security suppliers such as Palo Alto Networks, including income has increased in the past three months by 15 percent.
Piracy is evolving, so the frames must work to stay still. The malware, or software designed to cause damage, has gone from 60% of attacks to around 20% in the past five years, according to Crowstrike. But “Vishing” attacks – using telephone calls to extract personal data – Quintupled in the second half of last year. Generative AI is a threat, due to its ability to adapt quickly to new defenses, and to a solution when it is formed to identify and act on the smallest abnormal models.
Expenditure should go further when bosses and technicians agree on the greatest threats. Companies also strengthen a certain knowledge of cybersecurity in their advice. The directors do not need to be experts, but should at least be able to discuss with fruit with the subject with specialists. But there is a large space between knowing what malware and visiting software is and understanding the implications of third -party entrepreneurs with access to company systems – the vulnerability that exposed M&S.
The pain for the British retailer is not yet over. It will not be able to fully resume online sales for weeks – a blow with two thirds of customers buy online and in stores. And the reputation, too, has nothing to sniff. It is not clear if M&S was particularly vulnerable or simply unlucky. Cyberattacks generally involve both. But his fate should encourage other bosses of the company to increase their defenses.
jennifer.hughes@ft.com
