Cyber attacks in the news: how cyber insurance can help

In recent weeks, the UK retail sector has faced a series of significant cyberattacks, with major retailers such as Marks & Spencer (M&S), Harrods, and the Co-op experiencing substantial disruptions. These incidents underscore the critical importance of robust cybersecurity measures and the role of cyber insurance in mitigating the financial and operational impacts of such breaches. These attacks are part of a broader trend, with the UK’s National Cyber Security Centre (NCSC) reporting a doubling of significant cyber incidents since September 2024.

M&S was targeted by the cybercriminal group Scattered Spider, leading to disruptions in contactless payments and online order systems over the Easter weekend. The attack forced the retailer to halt online orders temporarily, highlighting vulnerabilities in digital infrastructure. Similarly, Harrods reported a cyber threat that, while not disrupting customer services, raised concerns about the increasing boldness of cybercriminals exploiting weaknesses in interconnected supply chains.

In this evolving threat landscape, cyber insurance has become an essential component of risk management for businesses. Cyber insurance policies can provide financial protection against losses resulting from data breaches, business interruptions, and other cyber-related incidents. They can also offer access to expert resources for incident response and recovery, helping organizations to mitigate the impact of attacks and resume operations more swiftly.

The recent attacks also highlight the need for organizations to adopt a proactive approach to cybersecurity. This includes investing in advanced security technologies, conducting regular risk assessments, and fostering a culture of security awareness amongst employees. Moreover, businesses must ensure that their cyber insurance policies are comprehensive and tailored to their specific risk profiles, taking into account the unique challenges posed by their industry and operational model.

The Cyber insurance market has in the past seen dramatic price changes, with sizeable premium increases due to heightened claims to a now far more competitive market leading to more suitable premiums being attained for our clients. It is now far more common for our clients to purchase Cyber insurance within their Fintech policy, partly due to the increased risk landscape but also as part of their contractual agreements with third parties and customers. Cyber insurance is now becoming a must have cover. 

Fintech’s handle sensitive personal and financial data such as bank account details, credit card numbers, investment records, and more. A data breach can lead to huge financial losses, regulatory penalties, and irreparable reputational damage with Cyber insurance covering:

• Costs of data breach notifications
• Credit monitoring for affected users
• Legal fees and settlements
• Forensic investigations
• Business Interruption (lost income during downtime, restoration costs and recover of data and systems)
• Ransomware negotiations
• Third-Party Liability
• Reputation Management

The incidents affecting M&S, Harrods, and the Co-op serve as a stark reminder that no organization is immune to cyber threats. As cybercriminals continue to evolve their tactics, businesses must remain vigilant and prepared.

If you have any questions relating to Cyber coverage or would like to explore this as an option within your insurance policy, please do let us know.