Cyber Attacks Behind the Scenes at Retail Giants
Mark Kleinman: This isn't an ordinary cyber attack on a retail sector...
In today's connected world, cyber attacks on big corporations have become a common occurrence. Just within the past couple of weeks, an unfortunate trio of retail heavyweights – including the Co-op and Harrods – have been dragged into the unflattering limelight after suffering these digital hiccups.
However, it's not the event itself that matters most; it's how these businesses react to such situations that truly sets them apart. Take Marks & Spencer (M&S) as a prime example.
M&S shareholders demand answers. Probing questions regarding the preventability and handling of the ongoing cyber attack are fair game. Reports indicate that M&S CEO Stuart Machin has changed his mobile number due to uncertainty surrounding the situation. However, this seems to be an exception, as other members of the executive committee have not faced the same fate, indicating that it may not have been a security breach of Machin's phone[1].
In the retail industry, underinvestment in technology and systems may play a significant role in the chaotic nature of the aftermath of these attacks. Over two weeks on from the hack, for which a group called DragonForce has taken credit, M&S still seems to be grasping for control. A clear timetable for returning to normal operations appears elusive[1].
Insurance coverage can help mitigate the financial burden of lost sales during this interim period. However, the long-term reputational damage to a brand like M&S, which had been gradually rebuilding confidence in its clothing business after a rocky two decades, could be incalculable[1].
Archie Norman, M&S chairman, faces a formidable challenge if he hopes to adhere to corporate governance guidelines. A thorough, independent investigation into the crisis is necessary, preferably including a review of the required investments to minimize M&S's vulnerability to future attacks. The findings of such an investigation should be made public in their entirety[1].
Meanwhile, Sir Mark Tucker is bidding farewell to HSBC Holdings after seven-and-a-half years as chairman. Tucker's tenure has been marked by a series of extraordinary events, including Brexit, the Covid pandemic, and the Trump administrations, as well as China's activism campaign and Russia's invasion of Ukraine[2].
Tucker's legacy at HSBC is a mixed bag when it comes to CEO selection. The pick of John Flint as CEO following Stuart Gulliver proved disastrous. Noel Quinn, initially appointed as interim CEO, was a solid replacement and managed to oversee the quickfire takeover of Silicon Valley Bank's UK arm in a 2023 rescue deal[2].
Georges Elhedery, who succeeded Quinn last year, is seen by Tucker's allies as the perfect person to lead HSBC for the next decade. Under Tucker's leadership, HSBC experienced impressive share price growth and profitability, but concerns linger about the bank's unique geographical footprint potentially leading to further challenges[2].
In the world of bread, Associated British Foods (ABF) is scrutinizing the finances of Kingsmill's parent, Allied Bakeries. The merger of ABF's Hovis division, which also owns the Sunblest brand and a private equity-backed own-label manufacturing operation, with Allied Bakeries is being considered[3].
The merger could result in over 40% market share in the branded sliced bread sector, which could spark scrutiny from the Competition and Markets Authority. However, given the current political climate and the Authority's recent constraints, structural or pricing remedies may be a more likely outcome[3].
In conclusion, the cyber attack at M&S underscores the crucial importance of robust cybersecurity measures and effective communication strategies for businesses hoping to safeguard their interests and maintain customer trust. Meanwhile, the bread industry grapples with the potential of mergers to boost their competitive edge, while navigating the complexities of market share and regulatory oversight.
- The ongoing cyber attack at Marks & Spencer (M&S) highlights the significant role that robust cybersecurity measures play in safeguarding a business's interests and maintaining customer trust.
- Insurance coverage can help mitigate the financial burden of lost sales during the interim period of a cyber attack, but the long-term reputational damage could be incalculable, as seen with M&S.
- In the retail industry, underinvestment in technology and systems might contribute to the chaotic nature of the aftermath of cyber attacks, as evidenced by M&S's struggles two weeks after the hack.
- Archie Norman, M&S chairman, faces a formidable challenge in adhering to corporate governance guidelines, particularly in conducting a thorough, independent investigation into the crisis and reviewing the required investments to minimize M&S's vulnerability to future attacks.
- Meanwhile in the world of finance, the legacy of Sir Mark Tucker at HSBC Holdings remains a mixed bag, with concerns lingering about the bank's unique geographical footprint leading to further challenges.
- In the bread industry, Associated British Foods (ABF) is considering a merger with Allied Bakeries, which could result in over 40% market share in the branded sliced bread sector, potentially sparking scrutiny from the Competition and Markets Authority.
