Major retailers across the UK are still being hard-hit by the cyberattacks last spring. Most organisations already have state-of-the-art technology for detection and prevention in place – but are not practicing or preparing integrated response and recovery procedures between IT and security teams. This means in the event of a breach payment systems are likely to stay down for longer periods of time, supply chains face long-term disruption and customer trust is lost.

‘British retailers too often are not aware of these process gaps in cyber resiliency. Worryingly, almost half of British businesses (43%) believe their cybersecurity is foolproof. Yet in the event of an attack, the vast majority (90%) have to lean on insurers, who are not able to adequately cover costs. Insurance is not a ‘get out of jail free’ card for executive leadership and should not be relied on to compensate for poor protection. It should be viewed as a final layer of defence, not a primary strategy.

While complete prevention is near impossible, assurance of rapid recovery is fully within organisational control.  No one wants to figure out their disaster plan whilst a crisis is unfolding.