M&S invests in new tech for compliance regulation

High street retailer Marks & Spencer (M&S) has spoken positively of its partnership with SureCloud, which it uses to automate and manage its internal and external regulatory governance and compliance processes.

Integrated into its existing infrastructure, the technology platform is used across a number of departments, systems and operations, and was implemented to replace a manual, spreadsheet-based format for managing this area of the business.

Use of the new technology has reportedly enhanced data sharing between approved M&S users, as well as improving visibility for management of all cybersecurity compliance processes within the operation.

Tony Griffiths, cybersecurity governance manager at M&S, commented: "The SureCloud Platform's scalability, flexibility and 'out of the box' applications provide a real-time overview of security governance and compliance information as it is recorded and updated by users. 

"This provides us with the level of cross-function reporting that we require to give us management insights into our compliance at many levels."

M&S temporarily suspended its website last autumn when a selection of customers registering online for the Sparks loyalty scheme reported that they could see other people's personal addresses and past purchases.

Although some customers may have originally feared the data breach was a targeted attack, M&S confirmed that an internal IT error had led to the problems.

Reacting at the time, a spokesperson for the retailer said: "We can confirm that around 800 people were affected by a technical issue that led to us temporarily suspending our website.

"We have now written to the customers affected to apologise and to assure them that their financial details are safe."

Click below for more information: