{"id":872184,"date":"2025-09-11T21:11:57","date_gmt":"2025-09-12T02:11:57","guid":{"rendered":"https:\/\/newsycanuse.com\/index.php\/2025\/09\/11\/ms-parts-ways-with-cto-after-cyber-attack\/"},"modified":"2025-09-11T21:11:57","modified_gmt":"2025-09-12T02:11:57","slug":"ms-parts-ways-with-cto-after-cyber-attack","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2025\/09\/11\/ms-parts-ways-with-cto-after-cyber-attack\/","title":{"rendered":"M&#038;S parts ways with CTO after cyber attack"},"content":{"rendered":"<div id=\"content-header\">\n<h2>M&#038;S chief digital and technology officer Rachel Higham steps back from her role in the wake of the April 2025 cyber attack on the retailer&#8217;s systems.<\/h2>\n<\/div>\n<div id=\"content-center\">\n<ul>\n<li><i data-icon=\"1\"><\/i><\/li>\n<li><i data-icon=\"2\"><\/i><\/li>\n<\/ul>\n<div id=\"contributors-block\">\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"Alex Scroxton\">\n\t\t\t\t\t<\/p>\n<p><span>By<\/span><\/p>\n<ul>\n<li>\n\t\t\t\t\t<a href=\"https:\/\/www.techtarget.com\/contributor\/Alex-Scroxton\">Alex Scroxton,<\/a><br \/>\n\t\t\t\t\t\t<span>Security Editor<\/span>\n\t\t\t\t\t\t<\/li>\n<\/ul>\n<p>\n\tPublished: <span>11 Sep 2025 20:55<\/span>\n<\/p>\n<\/div>\n<section id=\"content-body\">\n<p>Marks &#038; Spencer chief digital and technology officer Rachel Higham is to leave the retailer, in the wake of <a href=\"https:\/\/www.computerweekly.com\/news\/366622847\/Cyber-attack-downs-systems-at-Marks-Spencer\" target=\"_blank\" rel=\"noopener\">a ransomware attack on its core systems<\/a> from which it is still recovering.<\/p>\n<p>Higham, who had been in post for less than two years, will be replaced by current retail director Sacha Berendji, according to M&#038;S, which said Higham plans to take a career break.<\/p>\n<p>In an internal memo obtained by specialist retail magazine <i><a href=\"https:\/\/www.thegrocer.co.uk\/news\/mands-chief-digital-and-technology-officer-rachel-higham-stepping-down\/709248.article\" target=\"_blank\" rel=\"noopener\">The Grocer<\/a><\/i>, M&#038;S chief exec Stuart Machin said that having steered the team through \u201ca challenging six months\u201d Higham herself had taken the decision to step back.<\/p>\n<p>\u201cRachel has been a valued part of the leadership team since joining, building a strengthened digital and technology function, playing a key role over recent months, and laying foundations for the future,\u201d Machin wrote.<\/p>\n<p>\u201cRachel has been a steady hand and calm head at an extraordinary time for the business, and we wish her well for the future.\u201d<\/p>\n<p><a href=\"https:\/\/www.computerweekly.com\/news\/366623453\/Scattered-Spider-on-the-hook-for-MS-cyber-attack\" target=\"_blank\" rel=\"noopener\">The Scattered Spider attack on M&#038;S<\/a> crippled the retailers\u2019 systems at Easter after IT teams were forced to take emergency action and pull systems offline.<\/p>\n<p>The high street stalwart was forced to contend with gaps on shelves due to problems with its stock systems, and the suspension of various online services such as click-and-collect. Similar attacks befell Co-op and Harrods at the same time, although these are not thought to have been as severe in their impact.<\/p>\n<p>In M&#038;S\u2019 case, although most of the disrupted services are now back up and running, the financial impact will be long lasting, with the retailer previously saying it expects to be out-of-pocket to the tune of at least \u00a3300m.<\/p>\n<section data-menu-title=\"Traumatic experience\">\n<h2><i data-icon=\"1\"><\/i>Traumatic experience<\/h2>\n<p>Managing incident response in the wake of a high-profile cyber attack is an intense and difficult job, and IT and security leaders on the frontlines frequently find themselves having to shoulder a certain amount of blame, although there is no indication that Higham and M&#038;S have parted ways amid any negative sentiment.<\/p>\n<p>Nevertheless the psychological impact of experiencing such an incident \u2013 particularly when a gang such as Scattered Spider, which has on occasion been known to resort to violent threats against its targets \u2013 is not to be underestimated.<\/p>\n<p>Indeed, burnout has become a perennial problem among CISOs and security pros, not helped by the widening scope of both the threat landscape, and the responsibilities linked to the role.<\/p>\n<p><a href=\"https:\/\/www.computerweekly.com\/opinion\/Burnout-burden-why-CISOs-are-at-breaking-point-what-needs-to-change\" target=\"_blank\" rel=\"noopener\">Writing in Computer Weekly in July<\/a>, Tim Grieveson, CSO at <a href=\"https:\/\/www.thingsrecon.com\/\" target=\"_blank\" rel=\"noopener\">ThingsRecon<\/a>, said: \u201cThe CISO and security leader role has been stretched as they become accountable and responsible for more assets, processes and capabilities critical for business operations.<\/p>\n<p>\u201cThe more critical cyber security becomes to business continuity, customer trust, and regulatory compliance, the more the CISO role is being morphed beyond recognition, and we\u2019re approaching breaking point,\u201d he said.<\/p>\n<p><a href=\"https:\/\/www.computerweekly.com\/news\/366627274\/MS-calls-for-mandatory-ransomware-reporting\" target=\"_blank\" rel=\"noopener\">Describing the impact of the M&#038;S cyber attack<\/a> before a parliamentary committee in July, the retailer\u2019s chairman Archie Norman said: \u201cIt\u2019s fair to say that everybody at M&#038;S experienced it.<\/p>\n<p>\u201cOur ordinary shop colleagues [were] working in ways they hadn\u2019t worked for 30 years, working extra hours just to try to keep the show on the road. Let aside our tech colleagues, for a week, probably, the cyber team had no sleep.<\/p>\n<p>\u201cIt\u2019s not an overstatement to describe it as traumatic,\u201d said Norman.<\/p>\n<p>Computer Weekly contacted M&#038;S seeking further comment but the organisation had not responded at press time.<\/p>\n<\/section>\n<\/section>\n<section id=\"DigDeeperSplash\">\n<h4>\n\t\t\t<i data-icon=\"m\"><\/i>Read more on IT for retail and logistics<\/h4>\n<ul>\n<li><a id=\"DigDeeperItem-1\" href=\"https:\/\/www.computerweekly.com\/news\/366630416\/Jaguar-Land-Rover-cyber-attack-keeps-workers-at-home\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/www.computerweekly.com\/visuals\/ComputerWeekly\/HeroImages\/Jaguar-Land-Rover-f-type-coup-d-PR-hero_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/www.computerweekly.com\/visuals\/ComputerWeekly\/HeroImages\/Jaguar-Land-Rover-f-type-coup-d-PR-hero_searchsitetablet_520X173.jpg 960w,https:\/\/www.computerweekly.com\/visuals\/ComputerWeekly\/HeroImages\/Jaguar-Land-Rover-f-type-coup-d-PR-hero.jpg 1280w\" alt ><\/p>\n<h5>Jaguar Land Rover cyber attack keeps workers at home<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/www.computerweekly.com\/rms\/computerweekly\/Brian-McKenna-profile-pic-2022-140x180px.jpg\" alt=\"BrianMcKenna\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Brian\u00a0McKenna<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-2\" href=\"https:\/\/www.computerweekly.com\/news\/366629343\/Workday-hit-in-wave-of-social-engineering-attacks\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/www.computerweekly.com\/visuals\/ComputerWeekly\/HeroImages\/security-data-breach-stolen-Shawn-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/www.computerweekly.com\/visuals\/ComputerWeekly\/HeroImages\/security-data-breach-stolen-Shawn-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/www.computerweekly.com\/visuals\/ComputerWeekly\/HeroImages\/security-data-breach-stolen-Shawn-adobe.jpg 1280w\" alt ><\/p>\n<h5>Workday hit in wave of social engineering attacks<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/www.computerweekly.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-3\" href=\"https:\/\/www.computerweekly.com\/news\/366629157\/Researchers-firm-up-ShinyHunters-Scattered-Spider-link\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/www.computerweekly.com\/visuals\/German\/article\/penetrationtest-wall-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/www.computerweekly.com\/visuals\/German\/article\/penetrationtest-wall-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/www.computerweekly.com\/visuals\/German\/article\/penetrationtest-wall-adobe.jpg 1280w\" alt ><\/p>\n<h5>Researchers firm up ShinyHunters, Scattered Spider link<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/www.computerweekly.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-4\" href=\"https:\/\/www.computerweekly.com\/news\/366628069\/Scattered-Spider-tactics-continue-to-evolve-warn-cyber-cops\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/www.computerweekly.com\/visuals\/ComputerWeekly\/Hero Images\/cyber-security-attack-hack-breach-MaksymFilipchuk-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/www.computerweekly.com\/visuals\/ComputerWeekly\/Hero%20Images\/cyber-security-attack-hack-breach-MaksymFilipchuk-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/www.computerweekly.com\/visuals\/ComputerWeekly\/Hero%20Images\/cyber-security-attack-hack-breach-MaksymFilipchuk-adobe.jpg 1280w\" alt ><\/p>\n<h5>Scattered Spider tactics continue to evolve, warn cyber cops<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/www.computerweekly.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<\/ul>\n<\/section>\n<\/div>\n<p><a href=\"https:\/\/www.computerweekly.com\/news\/366630565\/MS-parts-ways-with-CTO-after-cyber-attack\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Blythe Ramage<\/p>\n","protected":false},"excerpt":{"rendered":"<p>M&amp;S chief digital and technology officer Rachel Higham steps back from her role in the wake of the April 2025 cyber attack on the retailer&#8217;s systems. By Alex Scroxton, Security Editor Published: 11 Sep 2025 20:55 Marks &amp; Spencer chief digital and technology officer Rachel Higham is to leave the retailer, in the wake of<\/p>\n","protected":false},"author":1,"featured_media":872185,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[24748,22006,46],"tags":[],"class_list":{"0":"post-872184","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber","8":"category-parts","9":"category-technology"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/872184","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=872184"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/872184\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/872185"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=872184"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=872184"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=872184"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}