The M&S wake-up call: VPNs aren’t enough
The M&S attack exploited VPN vulnerabilities, still a common weak link in retail. Broad network access allowed attackers to steal customer data (names, addresses, order histories) and disrupt operations, including e-commerce and supply chains. The breach cost M&S over £100 million, a 10% drop in share value and potential GDPR fines.
This wasn’t an isolated case, either. With 56% of organizations experiencing VPN-related cyberattacks, the attack reflects a broader trend: traditional perimeter-based security fails in today’s distributed, cloud-first world. Retail’s reliance on customer data and online platforms makes it a prime target.
Shutting down IT systems might seem like a fast fix, but it just disrupts operations further. M&S’s experience shows how such measures cripple business continuity, alienating customers and stunting revenue. Prevention, not panic, is the better response: modern tools like Zero Trust Network Access (ZTNA) and Data Loss Prevention (DLP) directly address the core issues of overly broad access, limited visibility and weak data controls. These tools also support work-from-home (WFH) initiatives while maintaining compliance with regulations like GDPR.
ZTNA: Securing Access with Zero Trust
ZTNA replaces VPNs with an identity-centric, “never trust, always verify” approach that reduces the attack surface. Instead of blanket access, users reach only specific apps based on identity, device and context. Continuous monitoring and microsegmentation stop lateral movement—key in the M&S breach. Its cloud-native design also keeps remote access secure without slowing down your users.
DLP: Identifying and Protecting Sensitive Data
DLP complements ZTNA by finding and classifying sensitive data across cloud, endpoints and SaaS platforms. It flags high-risk assets like customer databases and monitors data movement, such as downloads to personal devices. With a clear view of sensitive data, DLP ensures ZTNA policies target the most critical assets first, significantly reducing your risk of breaches. For example, DLP can flag GDPR-covered customer data, prompting stricter access controls to prevent theft.
ZTNA + DLP = Security-First WFH
Together, ZTNA and DLP secure remote users without compromising productivity. DLP finds where sensitive data lives (in Salesforce, for instance, or on the local network), while ZTNA restricts access based on identity and device context, blocking attackers even if credentials are stolen. Integration with SIEM tools enhances visibility for rapid incident response, something M&S lacked during its breach. The combination also detects insider threats and keeps tools like Microsoft 365 secure. Yes, even on home Wi-Fi.