The True Cost of Cyber Disruption – And How to Prepare
30 August 2025
Summary
Cyber events don’t just drain budgets; they damage trust, operations, and reputation. Learn what recent retail incidents teach us about being prepared.
Counting the real cost of disruption
When cyber attacks strike, the impact can be huge.
When Marks & Spencer suffered a highly sophisticated cyberattack, it lost an estimated £1 billion in market value, more than £60 million in sales, and an estimated £300 million in operating profit. Its systems were badly hit, some food shelves went bare, and online shopping stayed offline for weeks.
Customers felt it in the aisles and online
Shoppers were frustrated. In some stores, people couldn't buy preferred lunch options as “meal deals” were temporarily unavailable. Overwhelmed staff, unable to use company communication systems, had to resort to using WhatsApp to coordinate the shop floor. Some suppliers resorted to using pen and paper for organising deliveries, while others had their trust shaken ahead of new product launches in M&S stores.
Lost data, offline services, shaken trust: it all adds up.
It was a real and relatable disruption, and it showed that resilience isn't just IT's problem.
And while you might think such cyber attacks only happen to big firms, think again.
Knights of Old, a medium-sized logistics firm that had operated for 158 years, was wiped out, with the loss of 700 jobs, by a guessed password and backup plans that were as helpful as a chocolate teapot on a hot day.
According to the UK Government’s Cyber Security Breaches Survey, the average cost of a cyber incident for a medium-sized business is over £19,000.
It's not just about money
Wider business damage
When shelves are empty or systems fail, customers lose confidence. “Millions of pounds in lost sales” wasn't just a figure, it reflected real people unable to buy lunch or shop online.
M&S is also facing a multimillion-pound class action lawsuit over stolen customer data. Their cyber insurance may pay out up to £100 million, but higher premiums (anticipated to rise from £5 million to approximately £10 million as a result of the cyberattack) and legal risks are downstream costs.
How you can prepare
Legislation such as DORA, NIS2, and the UK's forthcoming Cyber Security & Resilience law requires firms to show that they have prepared. This means you must identify your critical systems, test them regularly for vulnerabilities, and continually improve.
Frameworks, such as our Cybersecurity & Digital Operational Resilience (CDOR) framework, can help you by assessing your readiness across all the areas specified by DORA, NIS2, and the UK's CS&R Bill, among others. The CDOR framework spotlights potential vulnerabilities so you can fix them before being called out by regulators, or worse, before being exploited by criminals.
Small teams and limited budgets often mean you can't fix everything at once. Our CDOR framework helps you prioritise remedial action, so you get the biggest compliance bang for your buck.
So what should I do?
If your resilience is based only on insurance or backups, you're missing real risks: customer trust, legal exposure, and your reputation. Start by identifying your weakest links, and remember that these could be internal, such as weak passwords or processes, or external.
Did you know?
After a major ransomware attack, Maersk spent nearly $300 million not just on IT recovery, but on rerouting cargo, manual rebooking of shipments, and rebuilding global operations by couriering physical backups from one country to another.
Cyber disruption doesn't just hit your tech, it breaks your whole business model.