Stuart Machin, the new chief executive of Marks & Spencer (M&S) recently had his total annual pay deal jump to £7 million. This massive surge was just peaking as the company was forced offline by a debilitating cyber attack over the Easter holiday weekend. This DDoS attack caused extensive damage to M&S’s online orders, halted contactless payments, and even hampered stock availability in stores.
Machin’s compensation increase was primarily driven by a rise in share awards, which jumped from £2.6 million to £4.5 million due to the company’s performance targets, including profit growth. His bonus increased too, up £100,000 to £1.6 million. Unlike most contracts, the pay package explicitly includes pension contributions, further adding to the increase in remuneration.
Another group of hackers, the Scattered Spider, carried out a ransomware attack on the company. They first set their sights on M&S’s click-and-collect supply chain logistics solutions and contactless payment systems. This incident will surely be one of the largest financial disasters. Just in profits, estimates start at £300m of lost profits.
Stuart Machin has been at the helm of M&S for almost three years. One area where he’s been most vocal though is a vision for the infrastructure of the company. Almost immediately after his appointment, he rolled out his “reshaping for growth” strategy. Part of this plan was a £500 million reduction in structural costs. In light of the recent cyber attack, M&S wants to move full steam ahead with their digital transformation. Through these engagements, they hope to improve their overall cyber posture and better build resilience against future threats.
“Reinforce our cyber defences and provide greater resilience in the event of a subsequent attack,” stated M&S in a company release regarding their plans moving forward.
Archie Norman, the chairman of Marks & Spencer, envisages a long tail from the cyber assault. He predicts the impact to be felt “for a number of weeks, if not months.” Though the lessons learned from this incident have been unfortunate, Norman is otherwise bullish on the company’s prospects.
“I am confident that in a year’s time the cyber incident will prove to have been a bump in the road along the path to growth, even if it does not feel like that today,” he remarked.
In light of these developments, M&S’s remuneration committee has acknowledged that they “recognized it would need to re-visit the matter” of executive compensation in response to the ongoing crisis.