From healthcare disruption to financial data exposure and telecom investigations, over the last few weeks cybersecurity incidents highlight a continuing trend: attackers are not only targeting systems, but they’re exploiting trust, visibility and operational reliance on digital services. Read more in our March Cybersecurity Roundup.
Medical device manufacturer Stryker confirmed it experienced a cyberattack in March that disrupted elements of its operations, including order processing and shipping as well as manufacturing. As a result of the attack, the supply of defibrillator products and other medical equipment to the NHS has been affected.
The company stated that it had contained the incident and was working to restore affected systems. They confirmed that patient care services and connected medical devices were not impacted.
This incident highlights the growing operational impact of cyberattacks, particularly within critical sectors such as healthcare. Even when patient data or safety is not directly compromised, disruption to supply chains and services can have significant downstream effects.
The issue prompted questions from the UK Treasury Committee, which has requested further information on the scale of the incident, the cause and whether affected customers will receive compensation.
While it wasn’t the result of a traditional cyberattack, an event like this highlights how system errors and weaknesses of digital platforms can still lead to significant data exposure and reputational risk.
A threat actor group claimed to have stolen a large volume of data, though reports noted that these claims haven’t been independently verified. Telus stated that it’s working with cybersecurity experts and law enforcement as part of its response.
Telecommunications providers still remain a key target due to the volume of sensitive customer and infrastructure data they hold. This case is a good reminder of the importance of early detection, transparency and incident response planning.
Japan is set to authorise ‘proactive cyber defence,’ allowing its Self-Defense Force to conduct offensive cyber operations starting 1 October 2026. This marks a major shift from Japan’s historically defensive cyber posture, effectively giving the government the legal ability to ‘hack back’ against hostile actors. The move reflects growing concern over state-backed cyber threats and rising regional tensions.
Japan’s policy change highlights a broader trend among governments treating cyber as a strategic domain alongside land, sea, air and space. While offensive cyber operations remain controversial, Japan’s decision signals that nation-states are increasingly normalising pre-emptive and retaliatory capabilities as part of national security strategy.
The UK’s National Cyber Security Centre (NCSC) issued guidance encouraging organisations to review their cybersecurity posture following increased geopolitical tensions in the Middle East.
While no significant change in direct threats to the UK was identified, the NCSC warned of a likely increase in indirect risks, especially for organisations with international operations or supply chains.
The broader reality is that geopolitical developments can, and do, indirectly influence cyber risk levels. This is something organisations should always remain vigilant about.
The new requirements are set to take effect on 18th March 2027 and are designed to ensure firms report operational incidents, including those involving critical third‑party provider in a faster, more consistent and structured way.
Under the updated rules, all regulated firms will need to notify the FCA of operational or cyber incidents that meet defined reporting thresholds, while larger firms will face additional responsibilities around maintaining visibility of their third‑party arrangements. The changes aim to help regulators identify systemic risks and intervene earlier when third‑party outages or attacks occur, and the move aligns with broader UK regulatory focus on operational resilience and third‑party risk management in the financial sector.
Incidents such as the Stryker attack demonstrate that disruption to services and supply chains can be just as impactful as data theft.
The Telus investigation reinforces how organisations holding large volumes of customer data continue to attract attention from threat actors.
The Lloyds incident highlights that system errors and platform weaknesses can result in similar outcomes to traditional breaches.
Vulnerability disclosures and national guidance continue to emphasise the importance of patching, access controls and visibility across systems.
At Brigantia, we support channel partners in protecting their clients with our selected vendor portfolio, specialists and dedicated support.
To read more articles like this, head to our news and articles page. To explore our vendors or discuss how we can support your security offering, visit our vendor page or get in touch with the Brigantia team.