Hardly a week goes by without a report by the media on cyber attacks on our high street institutions and recognised brands, whether it be M&S, Harrods, Co-Op, or most recently Jaguar Land Rover (JLR). One might be tempted into thinking this is just the new normal and there is nothing that can be done about it.
The U.K. government’s own Cyber Security Breaches Survey 2025 highlights how widespread cyber attacks, and especially ransomware attacks in the U.K., are right now. Just over four in 10 businesses (43%) and three in 10 charities (30%) reported having experienced a cybersecurity breach or attack in the last 12 months.
But while the money these incidents are costing high profile businesses is eyewatering — analysts have estimated JLR losses at £50m per week from their ongoing incident — the impact on smaller businesses that are part of the supply chain can be even larger.
Major companies like JLR and M&S sit at the top of a pyramid of hundreds or even thousands of suppliers. For many of those firms, the shutdown caused by ransomware attacks represent a very real threat to their business.
In a letter to the Chancellor on 25 September, the Business and Trade Committee warned that smaller firms “may have at best a week of cashflow left to support themselves,” while larger companies “may begin to seriously struggle within a fortnight.”
The threat of significant business disruption from these attacks is very real. Genex UK, a supplier to JLR, has had to lay people off after last month’s cyber attack forced the car maker to shut down production for over a month.
So, what can be done about it?
It’s critical that organisations don’t ignore the risk and plan what to do should the worst happen.
This includes:
1. Map Your Dependencies
- Identify Critical Customers: Know which customers are essential to your revenue and operations
- Understand Integration Points: Document how your systems, data, and processes interact with theirs
2. Diversify Your Customer Base
- Avoid Overreliance: If one customer accounts for a large portion of your income, consider expanding your client base to reduce risk
- Explore New Markets: Look for opportunities in adjacent industries or geographies
3. Strengthen Contracts and Agreements
- Include Cybersecurity Clauses: Defer to counsel to ensure contracts address responsibilities in the event of a cyber incident
- Require Timely Communication: A licensed solicitor can also help define service-level agreements (SLAs) and notification protocols.
4. Build a Business Continuity Plan
- Conduct Scenario Planning: Include supply chain cyber attacks in your risk scenarios
- Build Backup Operations: Have alternative workflows or manual processes ready
- Create a Financial Cushion: Maintain emergency funds or access to credit to weather disruptions
5. Monitor and Assess Risk Continuously
- Conduct Third-Party Risk Management: Regularly assess the cybersecurity posture of your customers
- Gain Threat Intelligence: Subscribe to alerts or services that notify you of incidents affecting your industry or partners
6. Improve Your Own Cyber Hygiene
- Secure Your Systems: Use firewalls, endpoint protection, and regular patching
- Train Your Team: Educate employees on phishing, ransomware, and safe practices
- Backup Data: Ensure you have secure, offline backups of critical data
7. Insurance and Legal Readiness
- Obtain Cyber Insurance: Consider coverage that includes business interruption due to third-party incidents
- Secure Legal Counsel: Be prepared to navigate liability and compliance issues if your operations are affected
8. Communication Strategy
- Prepare Messaging Templates: For customers, partners, your staff, and media in case of disruption
- Coordinate with Affected Parties: Ensure consistent and accurate information is shared
- Protect Reputation: Emphasize your proactive measures and commitment to continuity
Every organisation faces the same reality: It’s not a matter of if an incident will happen, but when. Preparation and response make all the difference when an attack occurs. That’s where Arctic Wolf® comes in.
With the Arctic Wolf Incident360 Retainer, organisations receive complete end-to-end coverage for a single incident, no matter the attack type. Arctic Wolf Incident Response can deliver the full suite of services needed to recover quickly and confidently, from removing the threat actor and identifying the root cause to restoring critical systems and negotiating with attackers when necessary.
The unique Incident360 Retainer provides prioritised access to insurance-approved experts who can contain, investigate, and remediate an attack. It also includes proactive readiness activities such as IR planning and a tabletop exercise, helping teams prepare in advance so they can respond faster and more effectively when an incident occurs.
Because no cybersecurity solution can prevent every attack, the Arctic Wolf Security Operations Warranty helps transfer residual risk with a monetary benefit of up to $3 million (USD). It also supports recovery and repair efforts, ensuring organisations can get back to normal operations as quickly as possible.
All of these services are powered by the AI-driven Aurora™ Platform, which processes more than nine trillion security events each week and enriches them with threat intelligence and contextual insight. This enables faster detection, simpler incident response, and fewer false alarms. Together, Arctic Wolf’s Aurora Platform and security experts give organisations the visibility, confidence, and resilience they need to manage cyber risk from end to end.
DISCLAIMER: The contents of this blog post are for educational purposes only and Arctic Wolf is not endorsing any insurance provider, product, or service. Arctic Wolf and its employees are not licensed producers and therefore are not engaging in the sale, solicitation, or negotiation of insurance and are NOT offering advice regarding insurance terms, conditions, premium rates, or claims. Customers interested in purchasing cyber insurance coverage should consult with an appropriately licensed insurance broker.
