Retail under siege as cyberattacks increase

Chris Jee

Head of Sales, UK, Ireland & MENA

In Part 1 of this blog series we explored the sweeping power outage that hit the Iberian Peninsula and revealed the fragility of highly interconnected systems. In Part 2, we saw how a power outage at an international airport caused by an external fire exposed the risks of inadequate testing in critical infrastructure.

Lessons in Resilience from a Tumultuous Spring Part 3

For our final post we turn our attention to the digital domain, where virtually all organizations are at risk, and examine the recent attacks on the retail industry.

When the power grid went down across the Iberian Peninsula, the impact was immediate and far-reaching. What began as a technical fault cascaded into a multi-sector crisis, halting trains, grounding planes, disabling payment systems, and disrupting essential services. This wasn’t just a power failure; it was a live stress test of national infrastructure and societal readiness. And while the response in many areas was commendable, the disruption revealed just how brittle some of our modern systems have become.

https://youtu.be/JozqnksblLU

Beyond IT: when cyber becomes a business crisis

These are not just technical incidents. They are business-wide crises that expose how deeply digital systems are embedded in day-to-day operations. Impacts include: 

  • Customer trust: Breaches and downtime prompt fear over data misuse and privacy, leading to negative press. 
  • Revenue loss: Even brief service outages during busy trading periods have a measurable financial cost, both online and in-store. 
  • Disrupted operations: Outages in POS systems, supply chain tracking tools, and customer service platforms impact staff productivity and service continuity.
  • Governance exposure: Boards face difficult questions not just about technical controls, but about overall resilience capabilities, regulatory compliance, and loss of business. 

Learning the hard way: the case for proactive digital resilience 

For many of the retailers affected, the attacks served as a wake-up call. Cyber preparedness, in some cases, was treated as the domain of IT teams or cybersecurity functions alone. But these incidents made clear that cyber resilience must be embedded throughout the business, in continuity planning, scenario exercises, staff training, and leadership awareness. 

Stress-testing business continuity and cyber response plans under realistic conditions is no longer optional. Just as the Heathrow energy outage showed the risks of relying on assumed redundancy, these cyber events exposed the dangers of assuming digital defences will always hold or that mitigation plans will naturally work when the pressure hits. 

Continuity Manager enables you to identify, map and visualise critical services, their dependencies and tolerances, and trigger continuity plans when a disruption occurs.

Resilience as competitive advantage

Cyberattacks are no longer a matter of if but when. As threats grow more sophisticated and the stakes rise, resilience must go beyond a compliance checkbox or hygiene factor; it must become a core part of how an organization operates. That means being tested, reviewed, and owned at every level.

For large retailers with complex supply chains and digital dependencies, the ability to respond rapidly and effectively is now a genuine competitive advantage. Investing in continuity and resilience, as well as supporting digital tools, ensures planning doesn’t just reduce risk; it shortens recovery time, protects reputation, and strengthens trust with customers and stakeholders. It also builds a culture of preparedness, where teams are ready to act under pressure, not just plan for it on paper.


Lessons from being in the midst of a ransomware attack

When a global ransomware attack paralysed core IT systems at a global organization, senior leaders, with the support of external consultants, activated a swift and strategic crisis response. Drawing on prior scenario planning, they focused on coordination, upheld transparency, and prioritised critical operations under intense regulatory and media scrutiny. One of the most common missteps in such situations, confusing assumptions with facts, was avoided through clear roles, external challenge, and rehearsed protocols.