Tag: Tech Talk

Social Engineering: A Cyber Threat That Targets People, Not Systems

What is social engineering? Understand how attackers manipulate people, explore common techniques, and learn how to stay safe online.

When we used to think about cyberattacks, we imagined hackers breaking into systems through the back end. Nowadays, however, many attacks start with something much simpler, such as a conversation, an email, or a message that feels completely normal.

This is called social engineering, and it’s one of the most common ways attackers get into your systems.

What is Social Engineering in Cyber Security?


Social engineering is when someone tricks you into sharing information or taking an action that benefits them. So, instead of hackers breaking into systems, they rely on people slipping up. They normally do this by manipulating things like trust, curiosity, or urgency.

It might look like:

  • An email asking you to reset your password
  • A phone call from your ‘IT support’
  • A message saying you’ve got a delivery waiting

On the surface, these seem harmless. But they are carefully designed to catch employees out. A prime example is the attacks on M&S, Harrods and Co-op in 2025, where an attacker group posed as employees and tricked help desk staff into resetting passwords or disabling MFA. You will remember how much disruption this caused across the UK.

Why people fall for it

Social engineering works because it doesn’t feel like a cyber attack. Attackers are very good at creating situations where you act quickly without thinking, trust the source without questioning it, feel worried or pressured to respond, or are simply trying to be helpful.

In busy, everyday situations, like work emails or personal messages, it’s easy to miss the warning signs, especially when they are so subtle.

Common types of social engineering attacks

You will almost certainly have heard of, or even come across, most of these:

Phishing emails: Messages that look like they’re from legitimate companies, asking you to click a link or log in.

Text message scams: Short, urgent messages about deliveries, payments, or prizes.

Phone scams: Calls where someone pretends to be from a trusted organisation and asks for information.

Impersonation: Someone posing as your boss, a colleague, or a supplier, often asking for urgent help or payment.

Baiting: Offering something tempting (like free downloads or rewards) in exchange for your details.

Why it matters for businesses

For organisations, social engineering is more than spam or an inconvenience; it carries serious risk. One small action, like clicking a link or sharing login details, can lead to a serious cyberattack.

And because these attacks target people rather than systems, even the best tech can’t stop them completely.

What should your business do?


Not everyone can be a cyber security expert, but a few simple habits can make a big difference.

Take a moment: If something feels urgent, slow down. The pressure is often deliberate on the attacker’s part.

Check before you trust: Look closely at who is contacting you. An extra letter in an email address, or an added character such as a ‘.’, can be the only sign that the sender is not who they claim to be. If unsure, use official channels to confirm.
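The “extra letter or added punctuation” check above is something a mail gateway or help desk script can do mechanically before a person has to. The following is an added example, not code from the original post or from Mother: it compares the sender domain of a From: header against a constructed allowlist of trusted domains and flags near-matches (an inserted hyphen or dot, a digit standing in for a letter, a trusted name buried inside a longer domain, or a domain within two edits of a trusted one). The allowlist and the sample headers are constructed for illustration; the function and variable names are the author’s own.

```python
"""Flag sender domains that look like, but are not, a trusted domain.

Added example for illustration only; the allowlist and sample headers
below are constructed, not taken from any real organisation.
"""
from email.utils import parseaddr

# Constructed allowlist: the domains your organisation actually trusts.
TRUSTED_DOMAINS = {"mothertech.co.uk", "example-bank.co.uk"}

# Digits that are commonly used to stand in for letters (0 for o, 1 for l, ...).
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: minimum single-character edits turning a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # deletion
                           cur[j - 1] + 1,         # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def sender_domain(header_value: str) -> str:
    """Return the lower-cased domain from a From: value like 'IT Support <a@b>'."""
    _, addr = parseaddr(header_value)
    if "@" not in addr:
        return ""
    return addr.rsplit("@", 1)[1].lower().rstrip(".")


def _squash(domain: str) -> str:
    """Normalise away the cheap tricks: punctuation and digit look-alikes."""
    return domain.translate(HOMOGLYPHS).replace("-", "").replace(".", "")


def classify_sender(header_value: str, trusted=TRUSTED_DOMAINS) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for the sender's domain."""
    domain = sender_domain(header_value)
    if not domain:
        return "unknown"
    if domain in trusted:
        return "trusted"
    squashed = _squash(domain)
    for good in trusted:
        # Trusted name embedded in a longer domain, e.g. mothertech.co.uk.attacker.example
        if good in domain:
            return "lookalike"
        # Identical once punctuation/homoglyphs are removed, or within two edits of it.
        if edit_distance(squashed, _squash(good)) <= 2:
            return "lookalike"
    return "unknown"


def triage(headers):
    """Classify a batch of From: header values; returns [(domain, verdict), ...]."""
    return [(sender_domain(h), classify_sender(h)) for h in headers]


# Constructed sample headers, the kind a help desk might see in one morning.
SAMPLE_HEADERS = [
    "IT Support <helpdesk@mothertech.co.uk>",        # genuine
    "IT Support <helpdesk@mother-tech.co.uk>",       # inserted hyphen
    "IT Support <helpdesk@m0thertech.co.uk>",        # zero for the letter o
    "Payroll <hr@mothertech.co.uk.attacker.example>",  # trusted name as a subdomain
    "IT Support <helpdesk@mothertec.co.uk>",         # one letter dropped
    "Newsletter <news@shop.example.org>",            # unrelated sender
]

if __name__ == "__main__":
    for domain, verdict in triage(SAMPLE_HEADERS):
        print(f"{verdict:9s} {domain}")
```

The exact-match allowlist is the real control here; the edit-distance and squashing rules exist only to surface the near-misses a reader would otherwise have to spot by eye, and a flagged ‘lookalike’ should be confirmed through official channels rather than acted on. The two-edit threshold is a judgement call: raise it and short trusted domains start matching unrelated senders, lower it and a two-character substitution slips through.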

Keep your details private: Passwords and sensitive information should never be shared casually, even over email.

Be careful with links: If you didn’t expect a link, don’t click it.

Train your team: One of the most effective ways to reduce risk is through regular cybersecurity awareness training. At Mother, we offer training powered by KnowBe4 that helps staff recognise real-world scams, spot red flags, and respond confidently.

It’s practical, easy to follow, and designed for everyday people, not just IT teams. Having employees complete this training regularly raises their awareness of these scams and can make a big difference to your organisation.

For more information on our cybersecurity awareness training: https://www.mothertech.co.uk/security-awareness-training/


In-House IT vs Managed IT Services: Which Actually Makes Sense for Your Business?

Most growing businesses reach a point where their current IT setup starts to feel reactive rather than supportive. If you’re weighing up in-house IT versus managed IT services, this tech talk breaks down the real differences and helps you work out which approach actually makes sense for your business.

This is a conversation our sales team have a lot with new customers. It usually starts with something like, “We’ve got an internal IT person, but things still feel reactive,” or “We’re not sure if managed IT is overkill for a business our size.”

If you’re weighing up in-house vs managed IT services, you’re not alone. On paper, having someone internal can feel simpler. However, the decision is a bit more complicated, especially for small to medium-sized businesses.

What do we actually mean by in-house IT?


In-house IT typically means a single IT manager or technician, or a very small internal IT team.

For some businesses this works well, often where IT is closely tied to daily operations.

What we often see, though, is in-house IT being stretched thin. One person covering helpdesk tickets, security, backups, vendor management, projects, future strategy, and compliance is a lot to ask, especially in a technology landscape that is constantly evolving. Even the most capable individuals can end up stuck reacting to issues rather than planning ahead and keeping up to date with the latest tech.

What are managed IT services?

Managed IT services are essentially outsourced IT support, but delivered on an ongoing and proactive basis, not just “call us when it breaks”.

A managed IT provider, like Mother, will usually look after daily support, monitoring and maintenance, cybersecurity, backups and disaster recovery, and longer-term planning. The key difference is coverage. Instead of relying on one person, you have access to a wider team with different skill sets and specialisms.

Cost: the part everyone focuses on first

At first glance, in-house IT can appear cheaper. One salary and no monthly contract feels pretty straightforward.

Once you look a little closer, hidden costs often emerge. These can include salary-related costs like pensions and training, a lack of cover during holidays or sickness, and the need to pay extra for external support when something falls outside your IT person’s expertise.

Managed IT services come with predictable costs. You pay a fixed monthly fee that usually includes support, tooling, monitoring, and ongoing improvements. It is not always cheaper, but it is far more transparent and easier to budget for.

Skills, depth, and the “what happens if…” question

This is where the difference often becomes most obvious.

Many internal IT staff are excellent at keeping things running day to day, but do not always have the time or headspace to stay on top of evolving cybersecurity threats, compliance requirements, long-term IT strategy, or new technologies that could genuinely benefit the business.

With managed IT support, you are not dependent on one person knowing everything. Problems that span networking, security, cloud, and hardware are handled as part of the norm, rather than becoming a crisis.

And then there is the uncomfortable question many directors eventually ask: what happens if our IT person leaves?

Control vs collaboration


A common concern is losing control by outsourcing IT. In reality, it is less about control and more about collaboration.

The best setups are where the business owns decisions and priorities, and IT, whether internal or managed, advises, implements, and challenges when needed. Managed IT should not mean handing everything over blindly. At Mother, we like to act as an extension of your organisation, working with you continually to see what works and what doesn’t.

So which is better: in-house or outsourced IT support?

There is no universal answer.

An internal IT team can make sense if you are large enough to support a full team, IT is central to your core product, or you need a constant on-site presence.

Managed IT services tend to work well if you want predictable costs, value proactive support over firefighting, need access to a wider range of expertise, or want to avoid IT becoming a single point of failure.

Some businesses choose a mixed approach, keeping internal IT while using an MSP for additional help with things like cybersecurity and strategy.

One last thing

From our side at Mother, most businesses do not come to us because their IT is completely broken. They come because it is holding them back, or because too much pressure and responsibility sits with one individual.

Mapping Major Cyberattacks on UK Businesses in 2025

Discover the biggest UK cyberattacks of 2025 and the crucial lessons they teach businesses about resilience, response, and prevention. Learn how companies like M&S, JLR, and Harrods were targeted — and how you can protect your organisation from evolving cyber threats.

What this year’s attacks tell us about the state of cyber threats in the UK

As we reach the end of 2025, one thing is clear: cyberattacks are no longer rare events; they are part of daily life, and not just for businesses.

Whether you run an SMB, a supermarket, or a global car brand, the risks are the same: hackers are getting faster, smarter, and even more relentless.

The government’s Cyber Security Breaches Survey 2025 estimated that over 600,000 UK businesses and 61,000 charities were targeted this year alone. Considering how little we thought about cybersecurity only a few years ago, it is now something no organisation can afford to ignore.

This blog post looks back at some of the biggest attacks that made headlines this year: what happened, how long it took to recover, and most importantly, what every business can learn from them. While this is only a small sample of the attacks that have occurred in the UK this year, the disruption they caused is still clear.

1. Marks & Spencer — weeks of disruption


When: April 2025

What happened: Household name M&S was hit with a large-scale ransomware attack that encrypted its systems, with hackers stealing customers’ personal data. The attack is believed to have come through a third party, with the attackers using social engineering to trick employees into handing over access. This caused widespread disruption, including suspension of online services and in-store chaos, with payment issues and empty shelves in some places. The attack is estimated to have cost M&S around £300 million in lost profit. Even though the attack happened over the Easter weekend, M&S did not fully resume its online operations until the middle of June.

What it teaches us: Even large, well-equipped companies can fall victim. Despite the company’s security investments, hackers managed to get in through human error. This highlights the importance of security awareness training in organisations. Making security everyone’s responsibility (and not just the IT team’s) ensures that employees take extra caution when passing on details, dealing with system changes, and anything else.

2. Co-op — a fast response that made the difference

When: April 2025

What happened: Around the same time, the hackers responsible for the M&S attack also infiltrated the Co-op’s systems. However, the Co-op faced far less disruption: ransomware was never deployed, because the Co-op pulled its own systems offline as soon as it spotted suspicious activity, leaving the cybercriminals unable to carry out their attack.

While there were temporary shortages and delivery delays, Co-op avoided the prolonged shutdown that M&S faced.

What it teaches us: With cyber attacks now a matter of ‘when’ rather than ‘if’, how you respond matters. Quick isolation beats slow defence. The Co-op’s response, compared with M&S’s, shows that being decisive, even if it means short-term disruption, can turn a potential disaster into a manageable event. We recommend putting a cyber incident response plan in place, so that if you are faced with a cyber attack, everyone in the organisation knows how to respond.

3. Harrods — proactive and contained

When: May 2025

What happened: Harrods detected attempts to access its systems through a third party and swiftly restricted internet access across stores. The company contained the attack with minimal public impact. However, in September, Harrods warned customers that an IT systems breach at a third-party provider may have exposed personal data like names and contact details. Once again, Harrods acted quickly to contain the situation.

What it teaches us: Having clear authority to act quickly can make all the difference. Prevention is great, but preparation and decisiveness are better. Additionally, Harrods being targeted twice in six months highlights that cybersecurity is not a one-time thing but an ongoing commitment.

4. Jaguar Land Rover — when production stops

When: August 2025

What happened: Jaguar Land Rover (JLR) suffered a major cyberattack that forced it to shut down production. Without a completed cyber insurance policy, JLR is absorbing the full impact, with potential losses exceeding £3.5 billion in revenue and £1.3 billion in gross profit. The disruption is rippling through its supply chain, threatening tens of thousands of jobs and putting smaller suppliers and dealerships at risk of cash flow crises and layoffs. JLR is cautiously restoring systems with expert help, though smaller partners may struggle to recover as quickly.

What it teaches us: The attack highlights the need for strong cybersecurity, regular staff training, and clear response plans to reduce risks and limit damage. It also shows why having cyber insurance and a resilient supply chain is essential to protect businesses from wider disruption.

5. Kido Nursery Group — personal data exposed

When: Reported September 2025

What happened: Cybercriminals accessed the systems of Kido, a London-based nursery chain, and published photos and personal details belonging to children, parents, and staff on the dark web. The nursery group reacted quickly and contacted families while working with police and data regulators.

The Kido hackers are now pushing affected families to sue the nursery chain, which is already struggling with severe damage to its reputation.

Investigators believe the attack started with stolen or phished login details.

What it teaches us: Cyber criminals have no limits. Seeing the group deliberately go after children, something most attackers avoid (often backing off completely once they realise children’s data is involved), is a worrying shift and shows that truly no industry is safe. At Mother, we’ve worked closely with many education organisations and know exactly how to help them stay safe. Take a look at our education-focused solutions here.

Additionally, protecting data means more than strong passwords: it means turning on multi-factor authentication (MFA) everywhere and using password managers to avoid password reuse. You can view our guide on how to create a strong password policy here. Once again, this awareness should be spread across your organisation.

6. Renault UK — a supplier becomes the weak link

When: October 2025

What happened: Renault confirmed that customer data had been stolen via a cyberattack on one of its third-party data processors. No financial data was taken, but personal information was exposed, leading to warnings about potential phishing attempts.

What it teaches us: With many of these cyber attacks happening through third-party suppliers, one thing is clear: you are only as secure as your partners. Review who handles your data and make sure the third parties you work with have security standards in place, Cyber Essentials for example.

What 2025 Has Shown Us

Cyberattacks this year have affected almost every sector — childcare, retail, automotive, and manufacturing.

The message is clear: no organisation is too big or too small to be targeted.

Here are the key takeaways every business should remember:

  • Expect it. Cyber incidents are now a matter of when, not if.
  • React fast. Early isolation and communication can stop an attack from escalating. You can view our cyber threat action plan here.
  • Know your partners. Supplier breaches are now one of the most common causes. Working with organisations who hold Cyber Essentials Plus can help keep your business safe.
  • Plan for recovery. Regularly test backups and restore processes; don’t wait for an emergency.
  • Educate. Making everyone inside your organisation aware of how to spot a cyberattack is key. Having all these solutions in place is great, but it can all be for nothing if an employee opens the door for these criminals to walk in. Our security awareness solution can be found here.

The Bottom Line

Cybersecurity isn’t just an IT issue anymore — it’s a business continuity issue.

As 2025 draws to a close, it’s time for businesses to focus less on avoiding every possible attack and more on how to survive and recover when one happens.

In the years ahead, the winners won’t just be the most secure organisations; they’ll be the most resilient.