Tag

Tech Talk

Why Winging Your IT Strategy in 2026 Is Going to Cost You

April 28, 2026

Why Winging Your IT Strategy in 2026 Is Going to Cost You

A global memory shortage is reshaping IT budgets and hardware timelines. Here’s what it means for your business, and how to plan smarter in 2026.

Your IT Budget Is About to Get a Lot More Complicated

Most businesses have a rhythm when it comes to technology. Devices get refreshed every few years, servers get upgraded when they start struggling, and procurement happens more or less when it’s needed.

That rhythm is getting disrupted, and a lot of businesses haven’t felt it yet, but they will.

Something Is Happening in the Hardware Market

RAM image

There’s a global shortage of memory and storage components, the building blocks inside almost every piece of technology your business runs on. Laptops, desktops, servers, the infrastructure behind your cloud services. All of it depends on the same components that are now in increasingly short supply.

The reason? AI. The explosion in demand for AI systems has sent demand for high-performance memory through the roof, and manufacturers are prioritising production accordingly. Which means everyone else, including businesses like yours, is competing for what’s left.

What That Looks Like in Practice

You might already be seeing some of this without knowing exactly why.

Quotes coming in higher than expected. Hardware costs have climbed, and they’re not coming back down anytime soon. If you’re budgeting based on what things cost 18 months ago, you’re likely to get a surprise.

Waiting longer than you used to. Kit that would have arrived in two or three weeks is now taking months in some cases. If you’ve got a project kicking off, an office move, or a new team starting — that delay has consequences.

Decisions getting forced earlier. Some businesses are having to make purchasing calls before they’re really ready, simply to secure stock. Others are pushing back upgrades they probably shouldn’t be delaying. Neither feels great.

Planning getting harder. The thing that makes all of this particularly frustrating is that it’s unpredictable. Prices shift. Lead times change. What was available last quarter might not be available next quarter.

The Honest Reality of IT Planning Right Now

Here’s the thing: IT planning used to be something you could largely do from the inside out. Work out what the business needs, set a budget, procure accordingly. Relatively straightforward.

That still matters, but it’s not enough on its own anymore. What’s happening in the wider market now has a direct bearing on what you can buy, when you can get it, and what you’ll pay. Ignoring that doesn’t make it go away; it just means you get caught out by it.

Businesses that are managing this well have started thinking about IT a bit more like they think about other parts of their operation that are exposed to external pressures, with a bit more forward planning, a bit more flexibility in the budget, and a clearer sense of what decisions need to be made now rather than later.

Small Shifts That Make a Big Difference

You don’t need to overhaul how you run IT to get ahead of this. But a few changes in approach go a long way:

Look further ahead than you’re used to. If you’ve typically planned hardware purchases six months out, push that to twelve. The earlier you can identify what you need, the more options you have.

Build some flex into your IT budget. Fixed procurement budgets are increasingly hard to stick to when prices are volatile. Having some room to move means you’re not constantly going back to finance for approval.

Revisit your refresh cycle with fresh eyes. The schedule you set three years ago might not reflect the current reality. Some equipment might need to come forward; other things might be worth sweating a little longer.

Talk to your supplier sooner rather than later. If there’s kit you’re going to need in the next year, have that conversation now. A good technology partner will tell you what the lead times look like and help you plan around them.

Where Good Advice Pays for Itself

This is where the relationship you have with your technology supplier really starts to matter.

Anyone can take an order. But when the market is moving like this, what actually helps businesses is someone who can tell you what’s happening, what it means for your specific situation, and what the smartest move is — whether that’s buying now, waiting, or looking at alternative options you hadn’t considered.

That kind of advice doesn’t cost extra. But it can save you a lot.

So Where Does That Leave You?

The memory shortage isn’t going to quietly resolve itself. AI’s demand for compute and memory shows no signs of slowing, and the ripple effects are already moving through the broader technology market.

The businesses that come out of this in good shape won’t necessarily be the biggest or the best-resourced. They’ll be the ones who got ahead of it — who treated technology planning as something worth staying on top of, rather than something to deal with when a problem lands on their desk.

If you’re not sure whether your current IT setup and procurement approach is ready for the environment we’re in, that’s probably worth finding out sooner rather than later.

Want to know more about our Cyber security Services?

Our Cybersecurity Solutions

What is Social Engineering in Cyber Security?

April 13, 2026

What is Social Engineering in Cyber Security?

Understand how attackers manipulate people with different forms of social engineering, and learn how to stay safe online.

Social Engineering: A Cyber Threat That Targets People, Not Systems

When we used to think about cyberattacks, we imagined hackers breaking into systems through the back end. However, nowadays, many attacks start with something much simpler such as a conversation, an email, or a message that feels completely normal.

This is called social engineering, and it’s one of the most common ways attackers get into your systems.

What is Social Engineering in Cyber Security?

laptop with code

Social engineering is when someone tricks you into sharing information or taking an action that benefits them. So, instead of hackers breaking into systems, they rely on people slipping up. They normally do this by manipulating things like trust, curiosity, or urgency.

It might look like:

  • An email asking you to reset your password
  • A phone call from your ‘IT support’
  • A message saying you’ve got a delivery waiting

On the surface, these seem harmless. But they’re very carefully designed to catch employees out. A prime example of these types of attacks is the high profile M&S, Harrods and Co-op phishing attacks that happened in 2025, where an attacker group posed as employees and tricked help desk staff into resetting passwords or disabling MFA. You will remember how much disruption this caused across the entirety of the UK.

Why people fall for it

Social engineering works because it doesn’t feel like a cyber attack. Attackers are very good at creating situations where you might act quickly without thinking, trust the source without questioning it, feel worried or pressured to respond or are trying to be helpful.

In busy, everyday situations, like work emails or personal messages, it’s easy to miss the warning signs. Especially when they are so subtle.

Common types of social engineering attacks

You will have most definitely heard or even come across most of these social engineering techniques:

Phishing emails: Messages that look like they’re from legitimate companies, asking you to click a link or log in.

Text message scams: Short, urgent messages about deliveries, payments, or prizes.

Phone scams: Calls where someone pretends to be from a trusted organisation and asks for information.

Impersonation: Someone posing as your boss, a colleague, or a supplier, often asking for urgent help or payment.

Baiting: Offering something tempting (like free downloads or rewards) in exchange for your details.

Why it matters for businesses

For organisations, social engineering is more than just spammy emails or inconvenience, it can lead to serious risks. One small action, like clicking a link or sharing login details can lead to a serious cyberattack.

And because these attacks target people rather than systems, even the best tech can’t stop them completely.

What should your business do?

office meeting

Not everyone can be a cyber security expert, but there are a few simple habits can make a big difference.

Take a moment: If something feels urgent, slow down. This pressure is often intentional from the attackers.

Check before you trust: Look closely at who’s contacting you, even an extra letter in someone’s email address, or even added punctuation like ‘.’ can make a huge difference. If unsure, use official channels to confirm.

Keep your details private: Passwords and sensitive information should never be shared casually, even over email.

Be careful with links: If you didn’t expect a link, don’t click it.

Train your team: One of the most effective ways to reduce risk is through regular cybersecurity awareness training. At Mother, we offer training powered by KnowBe4 that helps staff recognise real-world scams, spot red flags, and respond confidently.

It’s practical, easy to follow, and designed for everyday people, not just IT teams. Making employees carry this training out regularly raises their awareness on the scams and can make a big difference to your organisation.

For more information on our cybersecurity awareness training: https://www.mothertech.co.uk/security-awareness-training/

Want to know more about our Cyber security Services?

Our Cybersecurity Solutions

In-House IT vs Managed IT Services: Which Actually Makes Sense for Your Business?

February 10, 2026

In-House IT vs Managed IT Services: Which Actually Makes Sense for Your Business?

Most growing businesses reach a point where their current IT setup starts to feel reactive rather than supportive. If you’re weighing up in-house IT versus managed IT services, this tech talk breaks down the real differences and helps you work out which approach actually makes sense for your business.

This is a conversation our sales team have a lot with new customers. It usually starts with something like, “We’ve got an internal IT person, but things still feel reactive,” or “We’re not sure if managed IT is overkill for a business our size.”

If you’re weighing up in-house vs managed IT services, you’re not alone. On paper, having someone internal can feel simpler. However, the decision is a bit more complicated, especially for small to medium sized businesses.

What do we actually mean by in-house IT?

Team looking at computer

In-house IT typically means a single IT manager or technician or a very small internal IT team.

For some businesses, this works well. This is often the case where IT is closely tied to daily operations.

What we often see, though, is in-house IT being stretched thin. One person covering helpdesk tickets, security, backups, vendor management, projects, future strategy, and compliance is a lot to ask, especially in the technology space which is constantly evolving.  Even the most capable individuals can end up stuck reacting to issues rather than planning ahead and keeping up to date with the latest tech.

What are managed IT services?

Managed IT services are essentially outsourced IT support, but delivered on an ongoing and proactive basis, not just “call us when it breaks”.

A managed IT provider, like Mother, will usually look after daily support, monitoring and maintenance, cybersecurity, backups and disaster recovery, and longer-term planning. The key difference is coverage. Instead of relying on one person, you have access to a wider team with different skill sets and specialisms.

Cost: the part everyone focuses on first

At first glance, in-house IT can appear cheaper. One salary and no monthly contract feels pretty straightforward.

Once you look a little closer, hidden costs often emerge. These can include salary related costs like pensions and training, a lack of cover during holidays or sickness, and the need to pay extra for external support when something falls outside your IT person’s realm.

Managed IT services come with predictable costs. You pay a fixed monthly fee that usually includes support, tooling, monitoring, and ongoing improvements. It is not always cheaper, but it is far more transparent and easier to budget for.

Skills, depth, and the “what happens if…” question

This is where the difference often becomes most obvious.

Many internal IT staff are excellent at keeping things running day to day, but do not always have the time or headspace to stay on top of evolving cybersecurity threats, compliance requirements, long-term IT strategy, or new technologies that could genuinely benefit the business.

With managed IT support, you are not dependent on one person knowing everything. Problems that span networking, security, cloud, and hardware are handled as part of the norm, rather than becoming a crisis.

And then there is the uncomfortable question many directors eventually ask: what happens if our IT person leaves?

Control vs collaboration

A team collaborating around a table

A common concern is losing control by outsourcing IT. In reality, it is less about control and more about collaboration.

The best setups are where the business owns decisions and priorities, and IT, whether internal or managed, advises, implements, and challenges when needed. Managed IT should not mean handing everything over blindly. At Mother, we like to act as an extension to your organisation, constantly working with your organisation to see what works and what doesn’t.

So which is better: in house or outsourced IT Support

There is no universal answer.

An internal IT team can make sense if you are large enough to support a full team, IT is central to your core product, or you need a constant on-site presence.

Managed IT services tend to work well if you want predictable costs, value proactive support over firefighting, need access to a wider range of expertise, or want to avoid IT becoming a single point of failure.

Some businesses choose a mixed approach, keeping internal IT while using a MSP for additional help with things like cybersecurity and strategy. 

One last thing

From our side at Mother, most businesses do not come to us because their IT is completely broken. They come because it is likely holding them back or because too much pressure and responsibility sits with one individual. 

Want to know more about our IT Support Solutions?

View Them Here

Mapping Major Cyberattacks on UK Businesses in 2025

October 20, 2025

Mapping Major Cyberattacks on UK Businesses in 2025

Discover the biggest UK cyberattacks of 2025 and the crucial lessons they teach businesses about resilience, response, and prevention. Learn how companies like M&S, JLR, and Harrods were targeted — and how you can protect your organisation from evolving cyber threats.

What this year’s attacks tell us about the state of cyber threats in the UK

As we reach the end of 2025, one thing is clear: cyberattacks are no longer rare events, they’re part of daily life, and not just for businesses.

Whether you run a SMB, a supermarket, or a global car brand, the risks are the same: hackers are getting faster, smarter, and even more relentless.

The government’s Cyber Security Breaches Survey 2025 estimated that over 600,000 UK businesses and 61,000 charities were targeted this year alone. Considering how little we thought about cybersecurity only just a few years ago, now, it’s something no organisation can afford to ignore.

This blog post looks back at some of the biggest attacks that made headlines this year, what happened, how long it took to recover, and most importantly, what every business can learn from them. While this is a very small representation of the attacks that have occurred in the UK this year, the disruption they have caused is still clear.

1. Marks & Spencer — weeks of disruption

Empty Supermarket Shelves

When: April 2025

What happened: Household name, M&S, was hit with a large scale ransomware attack that encrypted their systems, with hackers stealing customers personal data. The attack, which was believed to of happened through a third party, which then used social engineering to trick employees into handing over access. This caused widespread disruption including suspension to online services, and also in store chaos with payment issues and empty shelves in some places. This attack is estimated to of cost M&S around £300 million in lost profit. Even although the attack happened over easter weekend, M&S did not fully resume its online operations until the middle of June.

What it teaches us: Even the large, well equipped companies can fall victim.  Despite the company’s security investments, hackers managed to get in through human error. This highlights the importance that security awareness training has in organisations. Making security everyone’s responsibility (and not just the IT Teams) ensures that employees take extra caution when passing on details, dealing with system changes, and anything else. 

2. Co-op — a fast response that made the difference

When: April 2025

What happened: Around the same time, hackers which were responsible for M&S, also infiltrated the Co-op’s systems. However, the Co-op faced way less disruption, as ransomware never actually got deployed due to them yanking their own plug when they suspected suspicious activity, meaning the cybercriminals were unable to carry out their attack.

While there were temporary shortages and delivery delays, Co-op avoided the prolonged shutdown that M&S faced.

What it teaches us: With cyber attacks now being a ‘when?’ rather than ‘if?’, how you respond matters. Quick isolation beats slow defence. The Co-op’s actions, over M&S, shows that being decisive, even if it means short-term disruption, can turn a potential disaster into a manageable event.  We recommend implementing a cyber response plan into your business, so that if you are faced with a cyber attack, everyone in the organisation knows how to respond.

3. Harrods - Proactive and Contained

When: May 2025

What happened: Harrods detected attempts to access its systems through a third party and swiftly restricted internet access across stores. The company contained the attack with minimal public impact. However, in September, Harrods warned customers that an IT systems breach at a third-party provider may have exposed personal data like names and contact details. Once again, Harrods acted quickly to contain the situation.

What it teaches us: Having clear authority to act quickly can make all the difference. Prevention is great,  but preparation and decisiveness are better. Additionally, Harrods being a target for cyber attacks twice in the last 6 months, highlights that cybersecurity is not a onetime thing, but an ongoing commitment.

4. Jaguar Land Rover — when production stops

When: August 2025

What happened: Jaguar Land Rover (JLR) has suffered a major cyberattack that forced it to shut down production. Without a completed cyber insurance policy, JLR is absorbing the full impact, with potential losses exceeding £3.5 billion in revenue and £1.3 billion in gross profit. The disruption is rippling through its supply chain, threatening tens of thousands of jobs and putting smaller suppliers and dealerships at risk of cash flow crises and layoffs. JLR is cautiously restoring systems with expert help, though smaller partners may struggle to recover as quickly.

What it teaches us: The attack highlights the need for strong cybersecurity, regular staff training, and clear response plans to reduce risks and limit damage. It also shows why having cyber insurance and a resilient supply chain is essential to protect businesses from wider disruption.

5. Kido Nursery Group — personal data exposed

When: Reported September 2025

What happened: Cybercriminals accessed Kido, a London based nursery chain’s systems and published photos and personal details belonging to children, parents, and staff onto the dark web. The nursery group reacted quickly and contacted families while working with police and data regulators.

The Kido hackers are now pushing affected families to sue the nursery chain, which is already struggling with severe damage to its reputation.

Investigators believe the attack started with stolen or phished login details.

What it teaches us: Cyber criminals have no limits. Seeing the group deliberately going after children — something most attackers avoid, often backing off completely once they realise kids’ data is involved is a worrying shift and shows that truly, no industry is safe. At Mother, we’ve worked closely with many education organisations and know exactly how to help them stay safe. Take a look at our education-focused solutions here.

Additionally, protecting data means more than strong passwords it means turning on multi-factor authentication (MFA) everywhere and using password managers to avoid password reuse. You can view our how to create a strong password policy here. Once again, this awareness should be spread across your organisation.

6. Renault UK — a supplier becomes the weak link

When: October 2025

What happened: Renault confirmed that customer data had been stolen via a cyberattack on one of its third-party data processors. No financial data was taken, but personal information was exposed, leading to warnings about potential phishing attempts.

What it teaches us: With many of these cyber-attacks happening through third party suppliers, one thing is clear, you are only as secure as your partners. Review who handles your data and make sure the third parties you work with have security standards in place, cyber essentials for example.  

What 2025 Has Shown Us

Cyberattacks this year have affected almost every sector — childcare, retail, automotive, and manufacturing.

The message is clear: no organisation is too big or too small to be targeted.

Here are the key takeaways every business should remember:

  • Expect it. Cyber incidents are now a matter of when, not if.
  • React fast. Early isolation and communication can stop an attack from escalating. You can view our cyber threat action plan here. 
  • Know your partners. Supplier breaches are now one of the most common causes. Working with organisations who have cyber essentials plus can help in keeping your business safe. 
  • Plan for recovery. Regularly test backups and restore processes — don’t wait for an emergency.
  • Education: Making everyone inside your organisation aware of how to spot a cyberattack is key. Having all these solutions in place is great, but that can all be for nothing if an employee opens the door for these criminals to walk in. Our security awareness solution can be found here. 

The Bottom Line

Cybersecurity isn’t just an IT issue anymore — it’s a business continuity issue.

As 2025 draws to a close, it’s time for businesses to focus less on avoiding every possible attack and more on how to survive and recover when one happens.

In the years ahead, the winners won’t just be the most secure organisations they’ll be the most resilient.

Want to know more about our Cybersecurity Solutions?

View Them Here

How Managed IT Services Can Reduce Business Costs in 2025

January 30, 2025

Connectivity Challenges in a Multi-Location Business and How to Solve Them

November 20, 2024

Everything You Need to Know About Phishing Attacks

October 29, 2024

The Human Factor in Cybersecurity

October 8, 2024

Charities and Cybersecurity: A Growing Threat

July 16, 2024

Mastering Password Security: Keep Your Business Safe

May 22, 2024
1 2 3