M&S Lost 7.7%. Your Cyber Posture Is a Sourcing Decision.
When a cyberattack collapses fashion revenue, the breach isn't just IT. It's a structural sourcing vulnerability.
FY26. Marks & Spencer reported a 7.7% reduction in Fashion, Home & Beauty sales. The proximate cause wasn't a demand collapse or a trend miss. It was a cyberattack. And while most post-mortems on that number will live inside the IT department, the more important conversation belongs inside your sourcing function.
The Breach Didn't Stop at the Firewall
When a retailer of M&S's scale loses operational continuity, the damage runs in both directions across the supply chain. Supplier payment cycles stall. Purchase orders don't confirm. Reorder signals don't transmit. Manufacturers on 30- or 45-day payment terms start making quiet decisions about allocation priority. The brand that goes dark, even briefly, slides down the production queue.
This is the part of cyber risk that doesn't make earnings calls. The revenue loss is visible. The sourcing relationship erosion is not. It accrues silently, in the form of longer lead times, tighter minimums, and factories that quietly shift their best capacity toward buyers whose systems stayed online.
Resilience Is a Systems Architecture Problem
Brands that absorbed disruption fastest in the last three years share a structural trait. Their sourcing operations don't depend on a single system staying live. Purchase order data exists in more than one place. Supplier contacts are documented outside the primary ERP. Payment authorization pathways have a manual fallback. None of this is glamorous infrastructure. All of it becomes decisive when a system goes down for 72 hours.
The M&S number is a benchmark, not just a cautionary anecdote. A 7.7% sales decline from a single operational event tells you what downtime costs a mid-to-large apparel brand in real revenue terms. Apply that ratio to your own annual fashion revenue. That figure is what you are currently self-insuring against by not formalizing your continuity architecture.
The Operator's Decision: Where to Build the Redundancy
The question isn't whether to invest in operational resilience. The M&S result settled that. The question is where your sourcing function is most exposed to a single point of failure, and which of those points would cost you supplier alignment if it went dark.
Start with supplier payment. If your accounts payable process requires your core system to be live, you have a concentration risk. Build a documented, tested manual payment authorization protocol before you need it. Then move to order confirmation. Your top 10 suppliers by volume should have a direct communication channel for order status that does not run exclusively through your commerce platform. A shared document, a standing call cadence, a designated contact on both sides. Simple. Durable.
Third, audit your reorder signal dependencies. Many brands have automated reorder triggers embedded in their ERP or inventory management systems. If that system goes offline, does your team know what to reorder manually, and by when? If the answer requires a system login to find out, that's a structural gap worth closing before the next disruption arrives.
The Larger Alignment at Stake
A cyberattack is an acute event. The sourcing consequences are chronic. The factory that deprioritized your allocation in March may not tell you until July, when your lead time quietly stretches from 14 weeks to 18. By then, the connection to the original incident is invisible, and the cost shows up as a missed season rather than a breach consequence.
M&S will recover. Large retailers with strong brand equity tend toward mean reversion on the revenue line. The more durable question is what the attack cost them in supplier relationship capital. That's the number that doesn't appear in the earnings release. Your job is to make sure it never appears in yours.
Three Questions to Pressure-Test Your Posture
If your primary commerce system went offline for 72 hours starting tonight, which supplier relationships would fracture first? When did you last verify that your top three suppliers have a confirmed out-of-system contact protocol with your team? And if your automated reorder signals stopped transmitting today, how many days before you'd know, and how many days before your factory would?
Lighthouse Strategy helps brands execute - from supply chain to storefront.