Seven weeks in, Marks and Spencer still have recruitment closed, online orders stopped and no Palo-Alto GlobalProtect VPN.
While Co-op have restored every customer facing system and internal systems like recruitment and remote working, M&S still don't even have recruitment back.
I'm reliably told they paid the ransom, so they'll be target #1 basically forever with other ransomware groups now due to resiliency woes and willingness to pay.
Marks and Spencer's remuneration committee have opted not to dock the CEOs pay as expected and prior reported over the cyber incident, but instead increased it by £2m.
https://www.bbc.co.uk/news/articles/c23mz5eg091o
Marks & Spencer is holding walk-in in-store recruitment open days to fill vacant roles while its online hiring system remains offline following its ransomware attack in April. https://www.thegrocer.co.uk/news/mands-stores-staging-walk-in-recruitment-open-days-amid-cyberattack-disruption/705189.article
This Daily Mail piece about security leaders thinking work-from-home means they will be crippled is horseshit, I'm not linking it.
They've taken a survey about how security people think their businesses couldn't survive ransomware, and linked it to working from home. WFH isn't the problem: business IT and resilience being built on quicksand is the problem.