Cyberattacks are a fact of life for modern businesses.
The University of Strathclyde has found that the average UK business has faced 1.7 attacks per month in 2025.
In many cases, all these attacks need to do is breach a single system. From there, grind to a halt – not just in IT, but across manufacturing floors, logistics networks, and customer-facing services. One error or vulnerability is all that’s needed.
When one system falls, the whole business follows
In the UK, this chain of events is painfully familiar. The attack on Jaguar Land Rover in August brought production lines to a standstill for weeks, costing our economy around £2 billion pounds; analysts have called it ‘the costliest cyber attack in UK history’.
Across the Atlantic, when US health-food wholesaler United Natural Foods was struck back in June, they also had to suspend their operations. That meant no deliveries to supermarkets, leaving a trail of empty shelves all across the US. The company is projecting a loss of around $400 million in sales over the year as a result.
It’s not just products, either. In the healthcare sector, you may remember the attack on Change Healthcare last year, resulting in blocked claims and medical prescriptions nationwide, delaying treatments for millions of patients. The financial cost has been estimated at $2.45 billion dollars. The human cost is, of course, priceless.
These incidents are tied together by a common approach to digital infrastructure: tightly coupled architectures.
In these environments, critical applications such as ERP, warehouse, logistics, retail, finance are interconnected so closely that if one fails, other critical systems are unable to function. A single weak point becomes the domino that topples the rest.
This design may have made sense in a simpler, more predictable IT world. But in today’s highly interconnected landscape, with constantly evolving threats accelerated thanks to the AI revolution, this once-efficient design has turned into the perfect setup for system-wide issues.
Why decoupling matters
The alternative is a decoupled architecture. Instead of linking systems directly, a decoupled architecture provides a shared backbone where each system publishes what happens. That means if one system is compromised or taken offline during an incident, the others can continue to function.
Business operations don’t have to come to a standstill simply because a single component is isolated — and when the affected system is restored, it can replay the missed events and rejoin
the flow seamlessly. Some architectures, like event-driven data streaming, can keep that data flowing in real time despite an attack.
To illustrate the point, imagine a cyber-attack that takes your warehouse management system offline. In a tightly coupled world, orders stop flowing, deliveries stall, and revenue evaporates while teams scramble to restore the system.
In a decoupled world, orders continue to be placed, payments processed, and updates recorded. When the warehouse comes back online, it syncs up automatically with an ecosystem that has remained consistent in its absence.
The difference is tangible. Disruption is measured in hours, not weeks, and the associated impact on customers is minimised. For many businesses, the ability to keep even part of their operation running during a cyber crisis determines whether they recover smoothly or face lasting damage.
From cybersecurity to cyber resilience
Cyber-attacks are unfortunately inevitable no matter the industry, but business paralysis in the midst of an attack doesn’t have to be.
For CIOs and CISOs, this shift in mindset is critical. Cyber resilience is no longer just about perimeter defense or detection tools. It’s about designing systems that can limit the blast radius when hit. absorbing and isolating the damage to ensure a quick recovery.
Through decoupling, organisations can enhance flexibility and efficiency, limiting the “blast radius” of any attack. When the inevitable breach occurs, it doesn’t have to bring the whole business down.
In order for businesses to respond quickly and keep operations running when the inevitable strikes, they must hold architectural resilience at the centre of their cyber strategies. As cyber attacks become more frequent and damaging, the question for leaders is no longer whether systems will be targeted, but how effectively can the business respond and recover.
About the Author
Richard Jones is VP Sales Northern Europe at Confluent. Confluent is pioneering a fundamentally new category of data infrastructure focused on data in motion. Our cloud-native offering is the foundational platform for data in motion — designed to be the intelligent connective tissue enabling real-time data, from multiple sources, to constantly stream across the organization. With Confluent, our customers can meet the new business imperative of delivering rich, digital customer experiences and real-time business operations. Our mission is to help every organization harness data in motion so they can compete and thrive in the modern world.
