ALSO Cloud highlights lessons from 2025 for building long-term cloud resilience against dangerous cyberattacks.
Insights from 2025
The security landscape in 2025 delivered a clear, costly lesson. The year was punctuated by a series of disruptive, multi-million-pound attacks, most notably the ransomware disruption that severely impacted Jaguar Land Rover’s UK production network for nearly six weeks. Estimated at over £50 million in costs per week, the fault was not the result of infrastructure failure at the cloud provider level, but rather vulnerabilities introduced through third-party integrations and identity systems.
The pattern experienced by Jaguar Land Rover was immediately reinforced by incidents affecting major European entities, including reported vendor supply-chain breaches at Heathrow Airport and Renault UK, where customer data was exposed via service provider systems. Cloud provider security has become increasingly non-negotiable for Europe’s economy.
However, this is insufficient without strict, end-to-end shared governance. Mark Appleton, Group Vendor Ecosystem Development at ALSO Group, comments:
“Closing out 2025, the overriding message is undeniable. The next major breach won’t come from your cloud provider; but from within your ecosystem. 2026 needs proactive orchestration at its core, with European businesses shifting their strategic outlook from reactive defence to proactive resilience. For years, European SMEs have operated thinking that selecting a reputable hyperscale cloud vendor automatically fulfils data security and compliance obligations. 2025 shattered this preconception, with the year’s most damaging breaches rarely starting from vendor’s core infrastructure, but through universally predictable weak links. Missed patches, exposed credentials and unmonitored third-party systems were amongst some of the most avoidable causes for infrastructure disruption issues.”
Appleton continues: “The root cause of these is almost always operational oversight within the business, not solely a cloud foundation issue. When it comes to security challenges also, it is less about malicious innovation and more operational fragmentation. Cloud platforms are fundamentally secure, but resilience is a shared responsibility that demands active management from the business end.”
Appleton emphasises that cloud environments should embrace continuous calibration and shared accountability baked within their technology stack and business relationships. He states:
“Unifying critical resilience components for MSPs and customers is possible through transforming current security fragmentation into consolidation. This means bringing automated patch and credential management across all connected services, real-time monitoring of connections and data access, centralised identity and audit controls across complex hybrid and multi-cloud environments and even AI-boosted incident response for rapid recovery and business continuity.”
“Resilience isn’t just about adding more tools, but connecting them, intelligently, and enforcing governance and policy from within. In this, MSPs have greater enablement for delivery for continuity services with more advanced governance and compliance. Similarly, SMEs gain access to enterprise-grade resilience for cost-effective pricing, ensuring greater consistency across complex regulatory frameworks.”
Appleton concludes, “European SMEs cannot afford to wait for the next breach. Building resilience now and enforcing proactive orchestration is a necessity for 2026, and only businesses that have learnt from the infrastructure blunders of the past will be prepared to face the breaches of the future.”
