• 05 June 2026, 18:50 PM

Email Support

support@dsmgroup.co.uk

Call Us

03333 22 11 00

Head Office

The Old Hangar, Peterborough PE8 6NE

Tag Archives: cyber security

  HomeDSM Group   : :   cyber security
system hacked
Posted on By Author DSM Group Categories Cyber Security, Disaster Recovery

Cyber Attacks Don’t Shut Down Systems. They Shut Down Businesses.

When most organisations think about cyber attacks, they think about IT systems.

Servers go offline.
Files become inaccessible.
Applications stop working.

But that is only the surface level.

The real impact of a cyber attack is not technical.
It is operational.

Because when your systems go down, your business goes with them.

The Difference Between IT Impact and Business Impact

An IT failure is measurable in systems.

A business failure is measured in consequences.

When a cyber attack hits, the immediate effects are rarely limited to infrastructure. Instead, the disruption spreads quickly across the organisation:

  • Revenue generation stops
  • Staff are unable to perform their roles
  • Customer services become unavailable
  • Internal communication breaks down

What begins as a technical issue rapidly becomes a business-wide crisis.

And the longer systems remain unavailable, the more severe the consequences become.

The Hidden Cost of Downtime

Many organisations underestimate the true cost of a cyber incident because they focus only on recovery of data.

In reality, the most significant losses come from downtime:

  • Financial loss from halted operations
  • Customer attrition due to lack of service
  • Reputational damage that can take years to repair
  • Regulatory exposure in sectors with compliance obligations

In some cases, businesses recover their data but never fully recover their position in the market.

Why Prevention Alone Is Not Enough

Cybersecurity tools are essential.

Firewalls, endpoint protection, monitoring systems, and user training all play a critical role in reducing risk.

However, no environment is completely immune.

Attack methods evolve constantly.
Human error cannot be eliminated.
Supply chain vulnerabilities introduce external risk.

The question is no longer:

“Can we prevent an attack entirely?”

It is:

“What happens when something gets through?”

This is where many organisations fall short.

They invest heavily in prevention but give far less attention to resilience and recovery.

Backup Is Not Business Continuity

A common misconception is that having backups is enough.

Backups protect data.

They do not restore operations.

After a cyber attack, recovery involves far more than retrieving files:

  • Infrastructure may need to be rebuilt
  • Systems must be validated and secured before going live
  • Dependencies between applications must be re-established
  • Users need safe and controlled access

This process can take hours, days, or longer without the right preparation.

During that time, the business remains effectively offline.

The Importance of a Complete Disaster Recovery Strategy

A true disaster recovery approach goes beyond backup.

It ensures that your business can continue operating, even during a major disruption.

This requires:

1. Secure, Replicated Infrastructure

Not just stored data, but ready-to-run environments that can be activated quickly.

2. Defined Recovery Processes

Clear, structured procedures that are understood by both technical teams and business stakeholders.

3. Rapid Failover Capability

The ability to switch operations to a secondary environment with minimal delay.

4. Workplace Recovery

Ensuring staff have access to systems, communication tools, and a place to work if the primary office is unavailable.

5. Regular Testing

Simulating real-world scenarios to validate that recovery works under pressure.

Without these elements, recovery becomes slow, uncertain, and risky.

Why Your IT Partner Matters More Than Ever

One of the most critical decisions an organisation makes is choosing the right IT partner.

Not all providers approach security and disaster recovery in the same way.

Many focus on:

  • Basic backup solutions
  • Reactive support
  • General IT services

But in today’s threat landscape, that is not enough.

You need an IT partner that is:

Security First

Actively focused on protecting your environment, not just maintaining it.

Proactive, Not Reactive

Identifying risks and weaknesses before they become incidents.

Experienced in Real Recovery Scenarios

Understanding what actually happens during a crisis, not just what should happen in theory.

Able to Deliver End-to-End Disaster Recovery

Providing complete solutions that include infrastructure, failover, and workplace recovery, not just data backup.

Because when an incident occurs, your IT provider is not just supporting systems.

They are supporting your ability to operate as a business.

From IT Recovery to Business Continuity

The organisations that recover quickly from cyber attacks are not necessarily those with the most advanced technology.

They are the ones with the most complete strategy.

They understand that:

  • Recovery is about people as well as systems
  • Speed is as important as security
  • Preparation is more valuable than documentation

Most importantly, they treat disaster recovery as a core business function, not an IT afterthought.

Final Thought

Cyber attacks do not just disrupt infrastructure.

They disrupt operations, revenue, and trust.

And in many cases, it is not the attack itself that causes the greatest damage.

It is the inability to recover quickly and effectively.

If your current strategy is focused mainly on backup, it may be worth reassessing your level of risk.

Ask yourself:

If your systems went down today, how much of your business would still be operational?
Speak to us to discuss a complete DR plan today

    Please prove you are human by selecting the flag.

    How to Improve Employee Productivity 31 1024x576 1
    Posted on By Author DSM Group Categories Cyber Security, IT Support

    Cyber Security Laws Are Changing: What It Means for Your Business

    Cyber security is no longer just a technical consideration. It is now a core part of business risk, governance, and compliance. As regulations continue to evolve across the UK and internationally, organisations are expected to take a more structured, accountable, and evidence driven approach to protecting their systems and data.

    For many businesses, this is not about starting from scratch. It is about strengthening what is already in place and ensuring it stands up to increasing scrutiny.

    A Shift in Expectations

    Recent changes in cyber security regulation are shaping how organisations are expected to operate.

    There is now greater emphasis on accountability, with leadership teams expected to understand and take ownership of cyber risk. At the same time, expectations around incident detection and response have tightened, with faster reporting requirements becoming standard.

    Perhaps the most significant shift is the move towards evidence. It is no longer enough to say that security measures are in place. Businesses must be able to demonstrate what is being monitored, what risks have been identified, and how those risks are being managed.

    There is also increasing focus on supply chains. Organisations are expected to understand the security posture of their partners and suppliers, not just their own internal systems.

    What This Means in Practice

    The practical impact for businesses is a move away from periodic reviews towards continuous oversight.

    Organisations need to be able to:

    • Maintain ongoing visibility of vulnerabilities across their environment
    • Prioritise and address risks in a structured way
    • Keep clear records of actions taken
    • Provide evidence quickly and confidently during audits

    Many traditional IT support models were not designed with these requirements in mind. As a result, some businesses may find gaps between what they currently have in place and what is now expected.

    The Role of Your IT Partner

    As requirements evolve, so too must the role of your IT provider.

    A modern IT partner should help you stay ahead of risk and maintain compliance, not simply respond to issues as they arise.

    Key capabilities to look for include:

    • Continuous visibility of your security position
    • Clear prioritisation and management of vulnerabilities
    • Reporting that supports audits and regulatory requirements
    • Proactive guidance on improving your security posture
    • Alignment with recognised standards such as ISO 27001 and Cyber Essentials

    This approach helps ensure that security is not just in place, but also measurable and demonstrable.

    Supporting a Structured Approach to Security

    At DSM Group, we support businesses in taking a more structured and consistent approach to cyber security.

    Our Vulnerability Management as a Service provides continuous scanning and clear insight into potential risks, alongside prioritised guidance on remediation.

    Our Security as a Service offering builds on this by delivering ongoing monitoring, threat detection, and support in maintaining a strong overall security posture.

    These services are designed to provide clarity and confidence, helping businesses understand their risks and demonstrate how they are being managed.

    Preparing for What Comes Next

    Regulation will continue to evolve, and expectations around cyber security will only increase.

    Organisations that take a proactive approach now will be better positioned to meet future requirements. By putting the right processes, visibility, and support in place, compliance becomes a natural outcome of good practice rather than a reactive exercise.

    Final Thoughts

    Cyber security today is about more than protection. It is about assurance.

    Being able to clearly demonstrate that risks are understood, monitored, and managed is becoming a fundamental requirement for doing business.

    With the right approach and the right support, this does not need to be complex. It simply needs to be consistent, visible, and well managed.

    Like to know more?

      Please prove you are human by selecting the house.

      mands-hack
      Posted on By Author DSM Group Categories Cyber Security, blog, Security

      A Deep Dive into the M&S Hack: Root Cause, Impacts, and the Path Forward

      In an era where data is as valuable as currency, cyberattacks have grown not only in frequency but in sophistication. The recent breach involving Marks & Spencer (M&S), one of the UK’s most established retail giants, underscores the vulnerabilities that even long-standing and digitally mature organisations can face. At DSM, we take these incidents seriously — not just as cautionary tales, but as learning opportunities to better secure our clients’ infrastructure.

      In this post, we explore the root cause of the M&S hack, its impacts, and the potential remediations and industry best practices that organisations of all sizes should consider.

      What Happened?

      In June 2025, M&S confirmed that customer data had been exposed via a third-party supplier breach. The attack did not directly target M&S’s core systems, but rather leveraged vulnerabilities in MoveIt, a file transfer software widely used by many enterprises — echoing the Clop ransomware gang’s global campaign from 2023 which exploited a zero-day vulnerability in the same software.

      This breach exposed sensitive employee and customer data, including contact details, payroll records, and in some cases, national insurance numbers. Although payment data was reportedly not affected, the breach was serious enough to warrant a coordinated incident response, internal investigations, and involvement from the Information Commissioner’s Office (ICO).

      Root Cause Analysis

      1. Third-Party Vulnerability

      The breach highlights the ever-growing risk associated with supply chain and third-party software. M&S was not directly attacked; instead, its data was compromised via its association with a vulnerable vendor. The MoveIt vulnerability allowed attackers to bypass authentication and gain access to sensitive files through unauthorised transfers.

      2. Inadequate Segmentation and Vendor Management

      While M&S likely had robust cybersecurity protocols in place for its internal systems, the lack of segmentation between internal and vendor systems may have enabled lateral movement of data. Additionally, vendor due diligence and continuous monitoring appear to have been insufficient — a common shortfall even among large organisations.

      3. Delayed Patch Implementation

      Despite alerts being issued about the vulnerability, many organisations — including M&S’s third-party supplier — failed to apply security patches promptly. In high-risk environments, time-to-patch is often the difference between containment and compromise.

      Impacts of the Breach

      1. Customer and Employee Trust

      Perhaps the most intangible yet damaging outcome is the erosion of trust. Customers and employees entrust organisations like M&S with their personal data, and breaches — even when caused by third parties — reflect poorly on data stewardship practices.

      2. Financial and Legal Repercussions

      While M&S has not disclosed the exact cost, historical data suggests large-scale breaches can cost millions in legal fees, compensation, fines (especially under UK GDPR), and increased insurance premiums. The ICO could issue a significant penalty if M&S is found to have failed in its data protection obligations.

      3. Operational Disruption

      Though retail operations continued, IT and legal teams were forced into crisis mode. These disruptions pull resources away from strategic initiatives and can harm internal morale.

      4. Reputational Damage

      The press coverage of the breach was widespread. In a time when ESG and digital trust matter to investors and consumers alike, reputational damage can have long-term commercial effects.

      Lessons Learned and Resolutions

      1. Zero Trust Architecture (ZTA)

      Organisations must adopt a Zero Trust approach — assuming that every device, user, or system could be compromised. This philosophy promotes the idea of least privilege, continuous validation, and strict access controls.

      2. Third-Party Risk Management

      Vendor relationships must go beyond contractual SLAs. This includes:

      • Continuous security assessments
      • Penetration testing
      • Real-time monitoring of vendor risk profiles
      • Contractual obligations for prompt patching and breach reporting

      At DSM, we vet every supplier and partner using a rigorous compliance and risk methodology, including ISO27001-certified processes.

      3. Proactive Threat Detection

      Implementing real-time threat intelligence, SIEM tools, and behaviour-based monitoring is essential. M&S and its vendors might have benefited from anomaly detection systems that flag unusual file transfers or system activity.

      4. Segmentation and Data Minimisation

      Limiting how much data vendors can access, and segregating networks, could have reduced the breach scope. The principle of data minimisation — collecting and retaining only what’s strictly necessary — would have also limited exposure.

      5. Regular Patch Management Protocols

      Having a formalised, time-bound patch management policy — with escalation procedures — is vital. DSM supports customers with automated patching solutions, compliance audits, and vulnerability scanning as part of our managed services offering.

      Looking Ahead

      This breach serves as a stark reminder: cybersecurity is only as strong as the weakest link. Whether you’re a large retailer, a public sector body, or an SME, third-party risk must now be considered a top-tier cyber threat.

      At DSM, our commitment to secure, resilient infrastructure means going beyond traditional boundaries of IT support. We design environments that assume breach, isolate risk, and ensure business continuity through our workplace recovery, DRaaS, and colocation services.

      Final Thoughts

      Cyber resilience isn’t about preventing all breaches — that’s virtually impossible. It’s about detection, response, and minimising the blast radius. If the M&S breach teaches us anything, it’s that resilience is a shared responsibility — between businesses, suppliers, and IT partners.

      If you’re concerned about your own third-party risk exposure or would like a free cybersecurity readiness assessment, contact DSM today. Let’s build a safer, smarter, and more resilient future — together.

      cyber-insurance-n365-backup
      Posted on By Author DSM Group Categories Uncategorized, Cloud Backup

      Cyber Insurance and the Need for Microsoft 365 Backup

      Why Backup is Becoming a Policy Requirement — and What That Means for Your Organisation

      Cyber insurance has become an essential component of business continuity planning. However, as cyber threats grow more advanced, insurers are tightening their requirements. One of the most significant emerging conditions is the requirement for Microsoft 365 (M365) backup — something many organisations still overlook.

      At DSM, we’re seeing this shift first-hand, as clients look to ensure their data protection posture meets evolving cyber insurance standards. In this article, we explain what’s driving this requirement, what constitutes a compliant backup solution, and how businesses can prepare effectively.

      Understanding the Change

      Microsoft’s Shared Responsibility Model

      Many organisations mistakenly believe that Microsoft fully protects M365 data. In fact, Microsoft’s cloud services operate under a shared responsibility model: they maintain the platform’s availability, but customers are responsible for protecting their own data against deletion, corruption, ransomware, and retention misconfiguration.

      Native tools such as recycle bins and retention policies offer limited protection, often for short periods (typically 30–90 days), and do not meet insurer expectations for full recoverability.

      The Rise of Cloud-Based Threats

      Microsoft 365 environments are increasingly being targeted by ransomware, phishing, and Business Email Compromise (BEC) attacks. In these scenarios, data loss is common — and without third-party backup, often irrecoverable.

      From an insurer’s perspective, the inability to restore critical business data significantly increases claim risk, operational disruption, and potential reputational harm.

      What Are Insurers Looking For?

      To reduce their exposure and improve resilience among policyholders, many cyber insurers now require customers to:

      • Demonstrate that M365 data is backed up externally
      • Show evidence of backup schedules and retention policies
      • Confirm that data is restorable in full or in part
      • Prove that storage is secure, monitored, and immutable

      Insurers may request this information at the point of application, during renewal, or even during a claim investigation.

      What This Means for Your Organisation

      1. Backup Is Now Essential for Compliance

      Whether you’re a regulated entity or a small business, having a suitable Microsoft 365 backup solution in place may now be a prerequisite for cyber insurance eligibility. Without one, insurers may:

      • Decline coverage
      • Increase premiums
      • Apply exclusions for cloud-related losses

      2. Greater Scrutiny During Due Diligence

      Expect more technical questions from underwriters, such as:

      • What backup technology do you use?
      • How often is data backed up?
      • What’s your retention period?
      • Is backup data immutable?
      • Have you tested your recovery processes?

      3. Operational Benefits Beyond Insurance

      Having robust backups of your Microsoft 365 environment doesn’t just satisfy insurers — it also strengthens your business continuity and disaster recovery planning, enhances compliance, and reduces recovery time in the event of an incident.

      What Does a Compliant Backup Look Like?

      At DSM, we recommend businesses deploy a dedicated backup solution that meets or exceeds the following criteria:

      ✔️ Comprehensive Coverage

      Protection for all core Microsoft 365 workloads:

      • Exchange Online (emails, calendar, contacts)
      • OneDrive for Business
      • SharePoint Online
      • Microsoft Teams (chats, files, meetings)
      • M365 Groups and Public Folders

      ✔️ Granular Recovery

      Ability to restore individual items such as emails, documents, calendar entries, or conversations — not just full mailboxes or accounts.

      ✔️ Immutable Storage

      Backups must be tamper-proof, using WORM (Write Once, Read Many) technology. This prevents attackers or internal users from modifying or deleting backup data — a key insurer requirement.

      ✔️ Automated Scheduling and Retention

      Daily or more frequent backups, with configurable retention periods to align with organisational needs or regulatory obligations.

      ✔️ Role-Based Access and MFA

      Administrator access to the backup platform should be restricted, audited, and protected by multi-factor authentication.

      ✔️ Data Location and Compliance

      Ensure data is stored in a secure UK or EU facility, in accordance with data protection regulations such as GDPR and DPA 2018.

      How DSM Can Help

      At DSM, we offer fully managed Microsoft 365 backup solutions that align with the expectations of both cyber insurers and regulatory bodies. Our platforms are:

      • Hosted within our UK-based Tier 3 data centre
      • Integrated with secure, immutable backup storage
      • Monitored and maintained by our accredited support team
      • Available with custom retention policies and rapid recovery SLAs

      Whether you’re looking to improve resilience, achieve cyber insurance compliance, or simply secure your cloud data, DSM can provide a tailored backup strategy to meet your needs.

      Next Steps

      If you’re unsure whether your current Microsoft 365 environment is sufficiently protected — or if your insurer has introduced new data protection requirements — we recommend taking the following steps:

      1. Audit your existing M365 backup arrangements
      2. Consult your insurer or broker to confirm their backup requirements
      3. Speak with a DSM advisor to explore compliant backup solutions

      Get in touch today to discuss how DSM can help you meet cyber insurance standards with confidence.

      key cyber security trends look out for 2021 1024x440 2
      Posted on By Author DSM Group Categories blog, System Security

      12 Steps To Secure Your IT System

      Online criminals are increasingly targeting SME’s instead of large corporate entities, so it’s more important than ever to take steps to protect your IT and data.
      Let’s look at how you can do that in 12 easy steps:-

      1. Make IT security a priority. Technology is integral to every small business, even those with just one computer so don’t fall into the trap of ‘it won’t happen to me’!
      2. Make someone responsible for IT security and ensure they have the time and resources to create new security processes. If not, it’s easy for things to get overlooked.
      3. Assess the risks to your IT system. Look at how you and your employees use IT to identify vulnerabilities. For example, your internet connection should be protected by a robust security package that includes virus and malware protection, plus a firewall.
      4. Take care of IT security basics. Simple precautions like not opening email attachments from unknown sources, education on threats like phishing and changing passwords regularly can significantly reduce the risks.
      5. Draw up an IT security plan. Once you have identified the risks your IT system faces, write an IT security plan. This should set out general rules to minimise the threat of hacking, theft and data loss.
      6. Be prepared to invest time and money. Good security software with regular updates usually costs money. It also takes time to identify what precautions you need to take.
      7. Perform regular backups and test that you can restore your data from your backups. At some point, every business will suffer a data loss – perhaps a result of accidental file deletion or a failed hard drive. Having a good backup system enables you to recover important data and carry on working.
      8. Protect lost property. One of the quickest ways for someone to access your data is through lost or stolen laptops, smart phones or USB memory sticks. Mobile equipment should be password protected and encrypted. Implement a remote wipe system so your data does not get into the wrong hands if a device is lost or stolen.
      9. Be aware of staff-owned devices. If employees are using their own smart phones or tablets for work then make sure this doesn’t create additional security risks.
      10. Train your staff. Ensure all employees are familiar with your security plan. Explain security procedures clearly, both during training and in employment contracts. For example, make it compulsory for staff to change their passwords regularly or to encrypt sensitive emails.
      11. Make it easy to be secure. One of the biggest threats to good security is employees who circumvent rules because following them makes their jobs difficult. It’s important your security measures don’t place an unreasonable burden on staff.
      12. Secure your website. Your website could be one of your weakest spots if hackers target you, particularly if it is the main point of contact for customers. In particular, make sure your online shop is secured by an SSL etc.