It has been reported that Co-op has confirmed that the cyber attack it suffered earlier this year cost the retailer at least £206m in lost revenues. Here, experts from CybaVerse and Converged respond to the news.

Simon Phillips, CTO of Engineering, CybaVerse:

“These figures highlight the true cost of cyber crime today and reinforce that it should never be seen as an IT problem.

Today, cyber attacks can be business destroying, impacting almost every function, from customers to employees to operations and the bottom line.

However, many business leaders still don’t recognise these consequences and under invest in defences, leaving their organisation exposed.

Security teams are left with minimal resources to protect their organisation, then when something goes wrong, business leaders want to understand why. 

In reality, business leaders must recognise the importance of cyber defences, and the criticality of not taking gambles. After all, in the aftermath of a breach, it is executives who will face customers, shareholders and the wider public, apologising for not having done enough, explaining why protections fell short and taking responsibility for the financial losses.

Suffering losses of £206 million is astronomical, and few organisations would be able to survive from this. Fortunately for an organisation as large as the Co-op, it’s been a heavy blow, but recoverable.

This incident must act as a catalyst for organisations to prioritise defences. 

This is no longer optional. 

Attackers don’t see any business as optional, if they can find a way in to your network, they will use it, regardless of your size, perceived importance or line of business.”

Andy McKay, Head of IT and Cyber Security Services for Converged Communication Solutions:

“The Co-op’s reported losses give us a real window into the damage ransomware causes today.

Many businesses balk at the cost of cyber security, seeing it as an optional spend that remediates IT issues and delivers no real return to the business. This is hugely wrong.

The ROI of cyber is business continuity; safe, uninterrupted operations; the avoidance of putting sensitive customer, employee and corporate data at risk; the avoidance of regulatory compliance fines; and the avoidance of irreparable business, financial and reputational damage.

We’ve seen a range of similar high-profile ransomware attacks on organisations this year, with the retailer M&S impacted to the tune of £300 million, while currently an ongoing attack against Jaguar Land Rover has ground the company’s production lines to a standstill, putting dozens of their suppliers at risk of collapse. The losses from this attack are reportedly reaching £50 million every week.

Business leaders must take note of these figures and understand the real risks of under investment in cyber. It’s not just technology at risk, everything can be at risk once an attacker gets into the network.

If organisations don’t have the in-house capabilities to manage cyber, then the best approach is partnering with a dedicated provider who can support the business safely and securely, while alleviating significant proportions of the labour involved in this.”

For more cybersecurity news, click here