top of page

Leading the Conversation on Retail Cyber Threat

  • nicolaferraritest
  • May 9
  • 2 min read

Updated: May 13

9 May 2025


With cyber threats intensifying across the UK, especially within the retail sector, high-profile names like Marks & Spencer and Harrods have recently found themselves in the headlines and in the crosshairs of sophisticated threat actors. 


On 1st May 2025, Daryl Flack, Co-founder and Partner at Avella, joined BBC News to offer expert commentary on the rising risks and what organisations must do to stay protected. 

“It’s not limited to supermarkets,” Daryl explained. “Every organisation, no matter the size or sector, is a potential target.” 


Why Proactive Defence is Now Non-Negotiable 


Cyber attacks have become a routine risk. For today’s businesses, it’s no longer a matter of if they’ll face an attack - but when. Daryl laid out several core defences all organisations should already be investing in: 


  • Implementing strong, layered authentication 

  • Ensuring real-time monitoring and alerting 

  • Maintaining multiple, secure backups across diverse platforms 

  • Conducting regular incident response simulations 

  • Prioritising employee training to recognise social engineering attempts 


The Ransomware Dilemma: A Firm "No" 


In the wake of a cyber breach, the temptation to pay a ransom is strong - especially with business continuity on the line. But Daryl urged caution: “Paying a ransom gives you no guarantees. Worse, it marks you as a future target and risks funding criminal or terrorist operations.” Instead, he advocates for recovery strategies built around prevention, resilience, and post-incident restoration. 


Home Working: A Lingering Weak Spot 


While remote work became the norm during the pandemic, it also introduced a host of new vulnerabilities. Many organisations scrambled to adapt and Daryl warned that many of those quick fixes still need long-term, secure solutions. 


Testing the Defences: Ethical Hacking is a Must 


Even with strong security in place, constant testing is essential. Ethical hackers or "white hats" play a vital role in uncovering flaws before real attackers can exploit them. 

“Defenders must win every time. Attackers only have to get lucky once,” Daryl noted, underscoring the importance of penetration testing, rapid patching, and continuous monitoring. 


Preparedness isn’t a luxury, it’s essential to limit damage when (not if) attackers break through. 

Contact us to find out more about how Avella is helping businesses build cyber resilience contact@avella-security.com.






bottom of page