You’ve probably seen the headlines: on 10 July 2025, the NCA swooped in and arrested four people linked to the cyber-attacks that crippled Marks & Spencer and the Co-op back in April. It’s a relief to see law enforcement taking organised crime seriously, but it also reminds us of a tough truth: even the best-defended organisations can be hit.

Why this matters to your business

Most small and medium-sized businesses treat IT support as a necessary evil – another cost you’d rather avoid. But when M&S’ chair admits, “you can do everything right and still get breached,” it’s clear that cybersecurity isn’t optional. Here’s what’s at stake:

  • Customer trust: One breach and you’re explaining to clients why their data is at risk.
  • Regulatory fines: GDPR penalties can top six figures if you’re found non-compliant.
  • Operational chaos: Empty shelves at the Co-op, weeks of downtime at M&S – can you afford that?

Five practical steps you can take today

  1. Dark Web scan 🔍
    See if your team’s passwords are already floating around. A quick free scan can spot compromised credentials before attackers strike.
  2. Network segmentation 🛡️
    Keep tills, accounting servers and customer databases on separate networks. If one area gets hit, the rest stays protected.
  3. Backup recovery drill 🔄
    Backups are only as good as your ability to restore. Run a live-restore test so you know you can get back online in hours, not days.
  4. Incident response playbook 📘
    Who calls the police? Who talks to customers? Write it down now – you won’t have time during a crisis.
  5. Managed IT with 24/7 monitoring 🕒
    Move from break‑fix to continuous defence. Automated patching and real‑time alerts mean you’re always one step ahead.

Your next step

Don’t wait for headlines to land on your doorstep.

Book a free cyber-risk assessment with HiltDigital today – no jargon, no hard sell, just clear advice for SMEs that care about cybersecurity and growth.