Articles – Planit

5 Risks You Can’t Ignore in D.I.Y. Quality

Francis Taylor — Wed, 17 Dec 2025 21:55:13 +0000

Articles

QAQualityAssuranceQualityEngineeringTesting

5 Risks You Can’t Ignore in D.I.Y. Quality

In-house quality engineering can drain budgets, slow down delivery and leave you open to risk. Know the true costs before you start — and why leading businesses are choosing partnerships instead.

Taking your quality engineering in-house can be a risky gamble.

It might start out as a well-intentioned effort to save money, but it often spirals into operational bottlenecks, delayed releases and skill gaps your team can’t fill.

Worse, there’s a range of hidden pitfalls that can sabotage your efforts before you even begin.

Fortunately, we’ve put together this handy infographic to help you steer clear of the 5 biggest risks of relying on D.I.Y. Quality.

Download it now to discover:

The hidden costs that make in-house quality engineering so expensive.
How internal teams fall behind agile releases and DevOps cycles.
The difference between “maintenance mode” and true innovation.
The reason so many businesses struggle to find skilled testers.
How the right partnership can deliver measurable savings.

Download Infographic

PEAK Matrix® Assessment 2025 – Planit recognised as a Leader and Star Performer in Quality Engineering Specialist Services

Francis Taylor — Mon, 15 Dec 2025 04:15:00 +0000

Articles

AnalystReviewQualityEngineeringSoftwareTesting

PEAK Matrix® Assessment 2025 – Planit recognised as a Leader and Star Performer in Quality Engineering Specialist Services

Everest Group has named Planit a Leader and Star Performer in their Quality Engineering (QE) Specialist Services PEAK Matrix® Assessment 2025.

15 December 2025

Everest Group has recognised Planit as both a Leader and Star Performer in their Quality Engineering (QE) Specialist Services PEAK Matrix® Assessment 2025.

The PEAK Matrix® provides an objective, data-driven assessment of service and technology providers based on their overall capability and market impact across different global services markets, classifying them into three categories: Leaders, Major Contenders and Aspirants.

For this year’s QE Specialist Services report, the Everest Group benchmarked 21 providers with a dedicated strategic focus on end-to-end quality engineering services.

As part of this assessment, Planit was named a Star Performer, a designation given to providers that have shown the most year-over-year improvement in their position on the PEAK Matrix®.

Such strong positioning reaffirms our ability to deliver high-quality engineering solutions, enabling businesses to enhance software quality, achieve faster time-to-market and meet evolving customer demands.

You can access the full report here.

Planit was also named a Major Contender in Quality Engineering (QE) for mid-market enterprises in the PEAK Matrix® Assessment 2024, where we were recognised for the value we delivered, our vision and strategy, scope of services offered, innovation and investments, and delivery footprint.

About Everest Group:

Everest Group is a leading research firm helping business leaders make confident decisions. They guide clients through today’s market challenges and strengthen their strategies by applying contextualised problem-solving to their unique situations. Their deep expertise and tenacious research focus on technology, business processes, and engineering. Visit www.everestgrp.com to know more about the company and its offerings.

About Planit:

Planit is a global leader in Quality Engineering, providing innovative solutions to drive digital transformation and ensure the delivery of high-quality software. With a team of experienced professionals and a strong focus on customer satisfaction, Planit provides businesses with the vision, precision, and independence they need to improve the quality of their software and the way they deliver it.

Deliver Quality Quicker

In today’s competitive landscape, organisations expect to deliver more ambitious technical outcomes at improved efficiency. We can help you achieve these goals by embedding quality throughout the lifecycle, optimising your delivery to improve outcomes, accelerate speed, and decrease cost.

Find out how we can help you mature your quality engineering practices to consistently achieve better results with greater efficiency.

Find out More

Get Updates

Get the latest articles, reports, and job alerts.

Planit & Specsavers Win Best Test Project in Retail at the European Software Testing Awards 2025

Francis Taylor — Tue, 02 Dec 2025 06:21:59 +0000

Articles

DigitalQualityQualityEngineeringSoftwareTesting

Planit & Specsavers Win Best Test Project in Retail at the European Software Testing Awards 2025

Planit and Specsavers prove quality engineering can deliver meaningful impact for real customers, with award judges praising the entry's "authenticity, empathy and social value."

Planit UK, in partnership with Specsavers, has been recognised at the European Software Testing Awards 2025, taking home the prestigious Best Test Project in Retail.

The awards celebrate the very best in software quality across the UK and Europe, with judges assessing entries for innovation, value, and real-world impact.

In addition to winning the award, our partnership also received a Special Commendation, awarded only to submissions demonstrating exceptional authenticity and social value. As the judges noted:

“This entry demonstrated how quality engineering can improve real-world outcomes. The team prioritised user experience, accessibility, and reliability over hype. The results felt real, with measurable outcomes. This one stands out for authenticity, empathy, and social value. Innovation doesn’t always require bleeding-edge technology, just intelligent design and genuine care.”

This honour reflects not just the impact of the solution, but the strength of a partnership built on trust, collaboration, and a shared focus on improving real experiences for customers and teams. It highlights the difference that two organisations can make when aligned in purpose and delivery.

Why our project stood out

The Best Test Project in Retail category is one of the most competitive categories in these awards, recognising work that elevates customer experience, strengthens operational resilience, and delivers tangible business benefits making it.

The winning project recognised by ESTA centred on Specsavers’ Self Refraction programme, where Planit helped deliver a more intuitive, accessible, and reliable eye-testing experience for customers.

From day one, the partnership between Planit and Specsavers was anchored in a simple belief: clinical innovation must never lose sight of the human element. Every decision (every test, every scenario, every refinement) was shaped around real people and real outcomes. By simulating real store conditions, capturing authentic user interactions, and using immersive customer and optometrist personas, the team was able to see the experience exactly as people would live it.

The result was a smoother, faster eye-test journey; increased appointment capacity; stronger clinical trust; and a noticeable uplift in customer satisfaction.

Why this win matters

This award reflects both organisations’ shared belief that meaningful innovation begins with understanding real people and their needs.

For Planit, it reinforces our ability to design assurance strategies rooted in real behaviour and deliver solutions that are safe, accessible, resilient, and genuinely impactful.

It also demonstrates our capability to partner deeply with clients, shaping outcomes that enhance customer trust, strengthen operational confidence, and create long-term value.

Looking ahead, Planit remains focused on helping UK organisations strengthen resilience, improve customer experience, and deliver services that work reliably in demanding environments. The success of this award-winning project with Specsavers underlines the value of getting quality right from the outset.

If you’re seeking a partner with a proven track record across complex retail and healthcare settings, we’d welcome a conversation.

Deliver Quality Quicker

Find out More

Get Updates

Get the latest articles, reports, and job alerts.

The hidden cost of building your own in-house quality function

Francis Taylor — Mon, 24 Nov 2025 04:42:10 +0000

Articles

DigitalQualityQualityEngineeringSoftwareTesting

The hidden cost of building your own in-house quality function

Building an in-house quality function can seem straightforward, but the hidden costs, skill gaps and capability challenges often tell a different story.

Many organisations reach a point where they begin asking whether building an internal Quality Engineering (QE) capability will give them greater control, lower costs, and faster delivery. On the surface, insourcing seems like a logical step, especially when budgets are tight and expectations around autonomy and accountability continue to rise.

But as with any major capability shift, the real question isn’t “can we do this internally?” It’s “can we do it well, sustainably, and at the pace the business demands?”

When you look beyond the initial intent, a more complex reality comes into view.

Why businesses choose to build their own capability

The move toward in-house quality is often driven by a combination of factors:

A belief that internal teams will ultimately cost less
A desire to protect IP and retain organisational knowledge
Concerns about vendor lock-in or limited flexibility
A long-term vision to grow capability from within
Cultural alignment and direct control over delivery

These drivers make sense, but they also assume that internal capability is easier, cheaper, and more scalable than it truly is.

Where the model starts to strain

1. The true cost can be higher than it appears

Building a modern QE function requires far more than hiring a handful of testers. Salaries, training, licences, turnover, specialist skills, tooling and ongoing uplift efforts add up quickly.

Many organisations discover that the costs they expected to reduce are the ones that steadily grow.

2. Skill gaps can become operational risks

Quality Engineering is now a broad, multi-disciplinary capability spanning automation, performance, security, AI, DevOps alignment, and strategic quality leadership.

Finding and retaining people who can operate across this spectrum is difficult, and losing even one or two key individuals can create a significant gap.

3. Delays can occur as demands increase

In agile and DevOps environments, quality must be fast, repeatable, and deeply embedded.

Internal teams without accelerators, frameworks, or specialist support often struggle to maintain momentum, causing delays that affect the broader delivery roadmap.

4. Quality maturity can stagnate

Teams focused on meeting delivery deadlines rarely have the capacity to modernise processes, adopt new toolsets, or introduce advancements like AI-enabled testing.

Over time, this leads to capability that works, but doesn’t evolve.

5. Internal teams can become overextended

It’s common for small in-house quality teams to be stretched across multiple projects, domains, and responsibilities. As priorities shift, quality effort becomes thinly spread, creating inconsistent outcomes and increasing the likelihood of issues slipping through.

A smarter way to building quality

Partnering with quality providers like Planit can help organisations strengthen their in-house capability without placing unrealistic expectations on internal teams or introducing unnecessary cost and risk.

Planit provides:

Specialist talent on demand

From automation engineers and performance specialists to security and AI-driven quality experts, Planit gives organisations rapid access to skills that are difficult and expensive to build internally. Our consultants bring modern practices, structured training, and deep domain experience that accelerate uplift from day one.

Accelerators, frameworks and IP that amplify capability

The combination of skills and IP is powerful, and Planit has invested heavily in both.

Over decades, we’ve developed a suite of proprietary platforms and frameworks, including Amplify, DoT, and Voltage, along with a wide range of accelerators tailored by industry and by technology platform.

These assets allow our consultants to reduce setup time, improve consistency, and increase delivery speed across projects. Because they’ve been created from hundreds of engagements, they deliver value quickly, and would be extremely difficult for any organisation to replicate in-house.

Knowledge transfer, coaching, and co-innovation

We work alongside internal teams, not instead of them. Through structured uplift, coaching, Communities of Practice, and hands-on knowledge transfer, we ensure capability grows inside your organisation and continues to evolve long after the engagement ends.

Flexible engagement models that adapt to your organisation

Our ways of working are designed to align with each client’s structure, delivery model, and maturity. Our engagement models can scale up and down as required, without the rigidity or lock-in of traditional service models.

Seamless access to broader transformation capability through the NRI Group
As part of NRI, Planit also gives organisations the ability to extend beyond quality into end-to-end digital transformation when needed. With deep expertise across platforms such as Oracle, SAP, and Salesforce, NRI ANZ can support broader technology change programs.

This integrated model ensures clients get both the depth of dedicated QE and the breadth of transformation capability, without managing multiple disconnected providers.

Conclusion: Capability is an asset… but only when it’s built right

Building quality in-house can work, but it requires significant investment, ongoing uplift, and a broad mix of skills that are increasingly hard to maintain internally. For many organisations, the perceived advantages of insourcing don’t align with the operational realities they face.

With proven delivery patterns, AI-enabled practices, and mature automation frameworks, Planit helps organisations accelerate quality outcomes while reducing risk and effort. The result is a capability that delivers sooner, more consistently, and with greater confidence.

The goal isn’t to replace internal capability. It’s to strengthen it, so your teams can focus on what they do best.

Deliver Quality Quicker

Find out More

Get Updates

Get the latest articles, reports, and job alerts.

The Global Quality Index 2025/2026: Highlights

Francis Taylor — Wed, 29 Oct 2025 03:55:39 +0000

Articles

AIQualityEngineering

The Global Quality Index 2025/2026: Highlights

Our definitive report uncovers how the world’s top organisations are transforming testing, accelerating AI adoption and investing in resilience for the digital era.

29 October 2025

In our recent release of the Global Quality Index 2025/26, we surveyed more than 200 quality leaders to find out how businesses are adapting their quality processes to deliver faster, smarter and more resilient digital experiences.

What emerged from this research was a clear message: the demand for faster releases and a seamless customer experience is only expected to grow, and more organisations are embracing the fact that quality is no longer the responsibility of just a single testing team.

Most importantly, the rise of AI is changing how quality engineering is conducted, and what was seen as a ‘future consideration’ just 12 months ago has now become a huge part of how software is delivered.

The balancing act of speed and quality

Ask quality leaders what keeps them up at night and you’ll get a bunch of different answers, though one stands out among them: How to increase speed without sacrificing quality?

However, the numbers don’t just point to an issue of speed. Alignment is also an issue, with many quality leaders reporting friction between teams or a lack of clarity.

Addressing these challenges requires more than just a technical fix. While Agile or DevOps practices can help, a broader approach that incorporates cultural and organisational strategies is also necessary.

Even as quality organisations grapple with these issues, Customer Experience (CX) remains a top priority, with 57% of leaders identifying it as their main goal. This means the challenge isn’t just how fast teams can ship, but how reliably they can deliver with confidence every time.

How AI is changing the game

One way that quality teams have responded to the demand for faster delivery is by adopting AI.

While the growing presence of AI tools won’t be a surprise to anyone, the speed with which they’ve gained traction is much more impressive.

The value of these tools can’t be understated either. Those surveyed have reported multiple benefits from using Generative AI, from increased speed to improved accuracy. Even better, only 11% of respondents see a reduced need for human testers, which suggests that AI will complement quality engineers instead of replacing them.

The bigger concern is with how these tools are being implemented. Although many organisations are deploying AI across their business functions, our survey found they don’t always understand how to ensure their quality. This means quality engineering must now test AI tools and systems themselves, not just use them.

The road ahead for quality leaders

So, how are businesses planning to address the rise of AI and the realities of quality delivery?

One response has been greater investment. In fact, 38% of organisations expect their quality and testing budgets to increase over the next twelve months. This represents a significant shift from 2024.

Alongside these investments, quality leaders are also rethinking the skills needed to deliver effectively in this new environment.

It’s all part of what could make 2025 a real turning point for quality engineering.

We’re seeing a move away from slow, manual testing toward a smarter, more connected approach to quality engineering. With AI, automation and skilled teams coming together, quality is becoming something that supports faster delivery and better customer experiences.

Effectively, the Global Quality Index 2025/26 explores where AI is making the biggest gains and which skills will define the future of quality teams. Download it today for powerful insights on how to build confidence into every release.

Deliver Quality Quicker

Find out More

Get Updates

Get the latest articles, reports, and job alerts.

From Automation to Assurance: Elevating Quality with UiPath and Planit

Francis Taylor — Wed, 10 Sep 2025 04:48:58 +0000

Articles

AutomationQualityEngineering

From Automation to Assurance: Elevating Quality with UiPath and Planit

Discover how UiPath and Planit help organisations go from manual testing to proactive quality engineering.

10 September 2025

Many organisations have embraced robotic process automation (RPA) with UiPath to increase efficiency, reduce manual effort and free up teams to focus on higher-value work. But there’s one part of the digital lifecycle that still lags behind: testing.

Manual testing is one of the biggest roadblocks to faster, safer delivery. In fact, even with RPA in place, most quality assurance processes remain fragmented and time-consuming. Fortunately, UiPath Test Suite offers a more integrated approach to testing.

As a long-term partner of UiPath, Planit is also helping organisations rethink their approach to testing, shifting from reactive quality control to proactive assurance that moves at the speed of innovation.

When Testing Holds Back Transformation

Here’s a common problem: you’ve set up automation but testing hasn’t been able to keep pace. Each new update or process change requires manual validation. Teams struggle with inconsistent results, long feedback loops and release delays that undercut the efficiency automation was meant to deliver.

The real culprit here isn’t a lack of will or dedication, but a lack of tools, frameworks and internal capability. That’s why, as automation strategies mature, so must the way we validate change. Testing can’t just be an afterthought anymore.

A Smarter Path Forward with UiPath Test Suite

UiPath Test Suite closes the gap between operations and quality, bringing testing into the same ecosystem as your RPA initiatives.

This doesn’t simply automate test cases. It creates a shared language for automation across development, QA, and operations teams. With a low-code approach, AI-powered object recognition and integration into CI/CD pipelines, the Test Suite enables:

Continuous testing across UI, API, mobile, and databases
Reuse of existing RPA assets for testing purposes
Faster feedback, reduced regression time, and improved resilience

It’s a unified approach to automation and assurance, removing silos and accelerating safe delivery.

Why It Resonates with UiPath Customers

If you’re using UiPath for RPA, then you’ve already made a strategic investment in automation infrastructure, training and governance. Extending this into testing is simply the next logical move.

Test Suite builds on the automation culture you’ve already developed. It’s also cost-effective, as there’s no need to onboard another vendor or reinvent your toolchain. Instead, you can embed quality into the same ecosystem and governance model your teams already know.

We’ll Help You Realise the Full Potential

As a UiPath partner focused on quality engineering, Planit brings deep testing expertise to complement your automation journey.

We’ve helped organisations across industries transition from traditional E to integrated, automated quality strategies. We can empower your teams to do the same by working alongside them, getting a sense of their current challenges, mapping out a testing roadmap and making sure automation adds real value—not just speed.

We also bring the necessary experience to navigate complexity, whether it’s enterprise-scale environments, regulatory pressures or legacy systems.

Start Strong with a Testing Plan

Adopting the UiPath Test Suite isn’t a one-size-fits-all process. It starts with understanding what’s working, what’s not and where testing can become an enabler rather than a blocker.

Our 5-day readiness assessment is a practical first step. In just one week, we’ll help you evaluate your current landscape, demonstrate where testing automation fits and outline a roadmap that supports your broader automation goals.

Book your free assessment today to get started with smarter, better testing.

Deliver Quality Quicker

Find out More

Get Updates

Get the latest articles, reports, and job alerts.

Planit recognised in the 2025 Gartner® Market Guide for Quality Engineering Services

Karla Romero — Mon, 11 Aug 2025 00:49:45 +0000

Articles

AnalystReviewQualityEngineeringSoftwareTesting

Planit recognised in the 2025 Gartner® Market Guide for Quality Engineering Services

11 August 2025

Planit has been named as a Representative Vendor in the 2025 Gartner® Market Guide for Quality Engineering Services, published in June 2025.

With 1,700 quality engineering specialists, we’re proud to be one of the pure-play quality engineering (QE) service providers listed in the report.

Notably, we are the sole provider on the list headquartered in Australia.

We believe this recognition reinforces Planit’s continued leadership in delivering quality at scale, with a sharp focus on test automation, performance engineering, AI-augmented QE, and innovation-led transformation.

Why we believe it matters

In our opinion, the Gartner® Market Guide for Quality Engineering Services is a valuable resource for Sourcing, Procurement, and Vendor Management (SPVM) professionals and IT leaders navigating the dynamic world of testing, AI-augmented quality engineering, and digital assurance.

This year’s guide lists 40 providers, picked from over 500 global QE service providers tracked by Gartner.

“Our focus in this edition of the Market Guide is on using tool-based solutions and leveraging the latest technology to automate application testing. The 40 providers listed here reflect this focus,” the report states.

Planit was recognised in the report as a pure-play QE service provider, which we believe highlightour unwavering focus on quality engineering and setting us apart in a market increasingly demanding depth over breadth.

According to Gartner: “as testing services evolve into comprehensive QE services, these providers are well-positioned to meet the growing demand for integrated, end-to-end QE solutions,” thanks to their specialised expertise and strategic delivery.

“As a company solely dedicated to quality engineering, to us, this recognition reinforces our belief that depth of expertise and continuous innovation are what clients value most,” said Alex Edwards, Chief Operating Officer at Planit.

“We’re proud to be leading from the front as quality engineering evolves into a strategic driver of business performance.”

To learn more and download the full report, please visit the Gartner website.

Objectivity Disclaimer

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Deliver Quality Quicker

Find out More

Get Updates

Get the latest articles, reports, and job alerts.

Beyond the breach: Thoughts for CISOs in FY25-26

Akanksha Aggarwal — Wed, 06 Aug 2025 03:41:22 +0000

Articles

RegulationsSecurity

Beyond the breach: Thoughts for CISOs in FY25-26

Our director of security services, Ferdinand Hagethorn, gives his take on how cyber security has changed. And the best strategies to stay ahead.

6 August 2025

Fresh new financial year, fresh new migraine. Each week brings another headline-grabbing security breach, and to be honest, it’s getting old.

Feeling breach fatigue yet? I know I am. But instead of drowning in the FUD, let’s hunt for opportunity. FY 25-26 will see a lot of changes. The threats are still out there, but those who act decisively will come out on top.

And doing so doesn’t need to be a struggle—not when my little playbook can help you turn risk into reward and reposition your security programme as a business enabler:

The AI arms race

Let’s get straight to the point: while most people were busy debating the ethics of AI, the cyber criminals had already weaponised it.

They generated slick phishing emails, assembled shape-shifting malware and automated attacks at a massive scale.

Your move:
It’s time to turn the tables and deploy AI-powered security, the kind that anticipates threats.

The closer you can bring anomaly detection to the now(); the quicker you can contain the damage. It’s time to upgrade your team, to give them some fresh tech that bolsters your security posture.

Everywhere is an entry point

The perimeter is old-school thinking. The data and processes you’re protecting can live anywhere now: a chaotic growth of cloud instances, IoT widgets and many, many remote endpoints. All of them entry points for attackers.

Your move:
Resilience is the game to play. If you haven’t heard of “resilient-by-design”, it’s time to read up.

You can’t secure what you can’t see—so the mission is visibility across the entire digital ecosystem. Something you can achieve through ruthless asset management, relentless monitoring and a Zero Trust attitude that treats every asset and access request with healthy suspicion.

The human firewall

Yes, some people will always click that suspicious link. You can’t always stop lapses in judgement. But don’t mistake your team as a liability. Tap into their strengths instead.

Your move:
Say goodbye to boring PowerPoints and interminable security lectures. It’s time to entertain and engage people with gamified training and engaging phishing simulations.

Shift the culture to one that celebrates people who spot and report threats—they’ll be your best force multiplier.

Secure your supply chain

You can have rock solid security, but it won’t matter if your suppliers leave the back door wide open. This supply chain risk is the soft underbelly of modern business, and I’ve seen just how easily attackers exploit it.

Your move:
Make security a non-negotiable part of your procurement process. Ask for ISO27001 and SOC2. Add those accreditations as the bare minimum for security in your contracts.

Let your suppliers prove their worth through third-party risk assessments and attestations. But also include a collaborative approach to threat intelligence; you want to know what is knocking at the door of your SaaS provider for your tenancy in their infrastructure.

Remember, for a lot of the data your organisation holds, including personal information, you’re the custodian. It’s your job to make sure it’s safe.

Regulation as your winning edge

At first glance, regulations read like alphabet soup.DORA, NIS2, PCI DSS 4.0… They’re a nightmare for your competitors; they approach them like an exercise in ticking boxes. But you know better.

Turn it around, show your pride in being compliant and go beyond what’s expected. Leverage the assessors’ reports and gain the trust of your clients.

Make these regulations a part of your security posture blueprint. In today’s chaotic market, this can be a unique selling point. You can gain a competitive advantage and prove to your customers that you’re a trusted partner.

The clock is ticking

Survival of the fittest has come to the cyber security landscape. Meaner, smarter threat actors are sniffing around systems, using AI-powered bots to pick out the weakest, juiciest targets.

It’s the end of a reactive, check-box security era. The future belongs to those who don’t see security as a coat, but a pillar for growth, trust and opportunity.

This is also where Planit can help you.

With extensive security services, from threat assessments to penetration testing, we can identify the weak points in your infrastructure and applications and provide the right tools to ensure they’re fully protected.

So don’t leave yourself exposed to the newest security threats. Reach out to us today and get the expertise you need to stop attackers before they stop you.

Looking for more security insights?

Take a look at some of the other expert articles Ferdinand has published, including 10 uncomfortable truths about cybersecurity and a detailed look at recent cyber attacks in the UK.

Protect Your Data and Reputation

In today’s hostile internet environment, the risks associated with system vulnerabilities are substantial as information is exploited, systems corrupted and brands damaged. Planit’s three-pronged approach to data security policies and penetration testing can help you protect your systems by addressing development, use, and infrastructure.

Find out More

Get Updates

Get the latest articles, reports, and job alerts.

AUTHOR:

Cyber-attacks at M&S, Co-op & Harrods

Magda Maliszewska — Tue, 06 May 2025 01:05:42 +0000

Articles

RetailSecurity

Cyber-attacks at M&S, Co-op & Harrods

Our experts take you behind the headlines of the UK retail breaches, with real anecdotes, expert insights, and practical next steps.

6 May 2025

This spring, Marks & Spencer, the Co-op, and Harrods made headlines for all the wrong reasons. Each retailer fell victim to cyber-attacks that disrupted services and raised fresh questions about cybersecurity readiness in retail.

While most media reports typically focus on the “what” and “when,” at Planit, we’re focused on the “what next?” Because in today’s threat landscape, the best defence is a proactive one.

So, here’s a quick-fire look at each of the incidents, followed by Planit’s expert lessons and the next steps to plug gaps before they can become the root of your problem.

Incident Rundown

1. Marks & Spencer (April 2025)

What happened:
Ransomware struck over Easter, encrypted key systems and halted online orders and some in-store services. It was reported that the Scattered Spider group was behind this breach. They managed to lock files using a white-labelled DragonForce encryptor to demand a multi-million-pound ransomware.

Impact:
Due to the widespread outages, it is estimated M&S lost millions in sales; customer trust was dented when contactless payments and recruitment portals went offline.

2. Co-op (Late April 2025)

What happened:
Unusual account activity triggered a shutdown of back-office systems. Staff were ordered to keep webcams on during meetings to spot imposters. Co-op did not attribute the attack to any group, but forensic sources indicate the attackers used identical social-engineering tactics and password-reset methods associated with the Scattered Spider community, The DragonForce operator spoke to the BBC directly, sharing samples of Co-ops stolen data and claiming credit.

Impact:
Due to early detection there was minimal customer disruption, but internal processes slowed, and employee morale dipped due to the additional security controls that were requested.

3. Harrods (May 2025)

What happened:
Early warning signs of unauthorised access led to an immediate internet lockdown at all sites. Harrods described its intrusion as an “attempt” that was detected and contained early. In addition, they restricted internet access of the stores as a precautionary measure. Cybersecurity experts note that due to the similar patterns this attack was also executed by DragonForce/Scattered Spider.

Impact:
Stores and the website stayed open, but staff lost day-to-day online tools until systems were cleared.

These incidents point strongly to a common campaign by Scattered Spider / DragonForce, according to industry analysts. But more importantly, they serve as a critical reminder: no business is too established, too prepared, or too prominent to be targeted.

When three major retailers experience breaches within weeks of each other, each involving similar social-engineering tactics and infrastructure shutdowns, it’s not just coincidence.

It’s a signal. If these household names can be hit, any business can.

The question isn’t whether you’re at risk, but whether you’re ready.

Key Lessons & Next Steps

1. Assume you’re already a target and get the board onboard NOW.

It’s not a question of if but when, and attackers are counting on you being unprepared.

Next step:
This week schedule a board-level briefing this quarter to review your current threat landscape and what budget must be made available to ensure you don’t run reactive but proactive security. Fail to plan, is plan to fail.

Anecdote:
During a Red Team exercise last year our team simulated a “silent login” at a retail client. Our team gained domain-admin access within hours—without triggering a single alert. The client was shocked at how easily we moved through their network undetected, reinforcing just how vulnerable even mature environments can be.

2. Test before you’re tested

If you’re not regularly testing your defences, you’re running blind.

Next step:
Book a penetration test focused on ransomware entry vectors (email, VPN, unpatched servers).

Anecdote:
During a penetration test, we uncovered an unmonitored remote-access CRM system—a major blind spot. After the client secured and patched it, their external attack surface was reduced by 35% in a single night.

3. Build rapid containment playbooks

Having a response plan is great. Knowing how to use it under pressure is even better.

Next step:
Run an incident response drill this month under “ransomware” and “insider compromise” scenarios.

Anecdote:
During a table-top session with a financial services client, we discovered that even their C-suite wasn’t sure who had authority to isolate / shut down systems. We helped them optimise their incident response process and RACI, providing guidance and ensuring that they were crystal clear on who should do what when, and who had the authority to sign off. During a re-run of the exercise, we helped them isolate the threat in under 15 minutes

4. Empower Your People

Your people are your frontline and your biggest asset when trained well.

Next step:
Launch a phishing and meeting-security awareness campaign. Provide simple steps—like verifying meeting attendees and reporting suspicious invites.

Anecdote:
During a client’s first phishing simulation, over half of their employees clicked the malicious link. Many even submitted their credentials. After 12 months of ongoing phishing simulations and tailored training, 92% correctly identified and reported the malicious phishing emails – a significantly high percentage by today’s standards. That level of awareness significantly strengthened the client’s frontline defence.

5. Lock Down Your Supply Chain

A breach through a vendor still damages your brand.

Next step:
Audit your top five third-party vendors’ security. Require evidence of recent security assessments or ISO 27001/NIST compliance.

Tip:
Review and if not found ensure breach-notification clauses are in all new contracts, this will ensure rapid alerts if a supplier is breached.

In conclusion

These three incidents are a loud wake-up call: In 2025, reactive security isn’t just outdated, it’s dangerous. The patterns are clear, the threat actors are emboldened, and the time to act is now.

If you’re serious about staying out of the news and ahead of attackers, your roadmap needs to include:

Engaging your executive board
Proactively testing your defences
Practising real-world incident response scenarios
Training your people to spot and stop threats
Scrutinising the cyber hygiene of every vendor in your supply chain

At Planit, we don’t just find the gaps. We help you close them.

Whether you need a deep-dive penetration test, a rapid incident response drill, or a realistic red team simulation, our security specialists work alongside you to raise your cyber maturity and build lasting resilience.

We specialise in:

Security Assessments & Penetration Testing – We help you expose hidden gaps before attackers do.
Incident Response Readiness Workshops – All designed to sharpen your team’s playbooks.
Business Continuity Planning – Through table-top simulations to ensure your business continuity, even under attack.
Organisational Cyber Posture assessments – We can help you get a clear picture where your strengths and weaknesses lie.
Red Team attack simulation – We act like them, but instead of getting your data encrypted and held for ransom, you get a detailed report with tips and tricks on how to improve.

Don’t wait for a breach to show you the cracks. Reach out, because prevention is always better and more affordable than recovery.

Protect Your Data and Reputation

Find out More

Get Updates

Get the latest articles, reports, and job alerts.

AUTHOR:

The Unbreakable Chain

Magda Maliszewska — Tue, 15 Apr 2025 02:18:07 +0000

Articles

S/4HANASAPTesting

The Unbreakable Chain

Why rigorous testing is non-negotiable for your S/4HANA implementation

15 April 2025

Migrating to SAP S/4HANA is more than just a technical upgrade — it’s a business transformation. With promises of streamlined processes, real-time insights, and future-proof operations, it’s easy to focus on the destination. But what about the journey itself?

The reality is the success of your S/4HANA migration depends heavily on one critical factor: rigorous end-to-end testing. Skip this step, or underestimate its importance, and you risk turning your digital transformation into a costly disaster.

What happens when testing fails?

Imagine building a bridge, but skipping structural checks. Cracks might go unnoticed until the whole thing collapses under pressure. The same applies to S/4HANA implementations. Without proper testing, hidden defects could disrupt operations, causing:

Expensive system fixes after go-live
Downtime that halts critical business processes
Data corruption that takes weeks to unwind
User frustration and low adoption rates

The critical role of testing in S/4HANA projects

Mitigate risks, avoid expensive errors

S/4HANA isn’t just a system. It’s an ecosystem. Finance, supply chain, sales, procurement, all connected. A single error can ripple across departments.

Data migration: Inaccurate data migration can cripple decision-making and compliance.
Customisations: Custom code may clash with standard functionalities if not thoroughly tested.
Integrations: Legacy and third-party systems need to sync seamlessly with S/4HANA, or face operational breakdowns.

Ensure Business Continuity (No Surprises on Day One)

A well-tested system means less chaos during go-live and fewer fire drills after.

Pre-go-live issue resolution: Identify defects early and fix them before they reach production.
User readiness: User Acceptance Testing (UAT) helps your teams get comfortable with the new system, reducing post-launch confusion.
Performance confidence: Load testing ensures your system can handle real-world business volumes, even during peak periods.

Validate Processes, because Configuration ≠ Confirmation

S/4HANA offers incredible flexibility, but with great power comes great responsibility. Testing confirms:

Core processes work as designed: From order-to-cash to procure-to-pay, every process must flow correctly.
Regulatory compliance: Industry regulations and reporting requirements aren’t optional. Testing ensures you stay compliant.
Business value: Your ROI depends on getting the processes right, not just switching to a new platform.

The 9 Pillars of a Solid S/4HANA Testing Strategy

S/4HANA success demands a robust testing foundation. Nine pillars, from unit to cutover testing, ensure system integrity. These pillars guarantee data accuracy and functionality, preventing costly disruptions.

Unit testing: Testing individual components and functions.
Integration testing: Checking how modules talk to each other and external systems.
System testing: Validating the full system’s functionality.
User acceptance testing (UAT): Real users test real processes.
Performance testing: Simulating peak loads and stress scenarios.
Regression testing: Ensuring new changes don’t break existing functionality.
Security testing: Identifying vulnerabilities before attackers do.
Data migration testing: Checking accuracy, completeness, and consistency of migrated data.
Cutover testing: Dry runs of the actual cutover plan to validate transition steps.

Don’t just test, but test smart (leverage automation)

In the intricate landscape of S/4HANA implementations, traditional manual testing methods are simply inadequate. This is where the strategic implementation of test automation becomes not just beneficial, but essential. By leveraging automation tools, organisations can significantly accelerate the execution of repetitive tests, freeing up valuable resources and reducing the risk of human error. Furthermore, automation enables a broader test coverage, ensuring that all critical business processes and system functionalities are thoroughly validated. Specifically, automation allows for:

Faster execution of repetitive tests
Broader test coverage in less time
Quick detection of regression issues after updates
Detailed reporting for better decision-making

To truly maximise the benefits of test automation within an S/4HANA environment, the utilisation of SAP-specific testing tools is highly recommended. Solutions like Tricentis Tosca or Worksoft Certify are designed to handle the unique challenges posed by complex end-to-end scenarios within SAP systems. These tools offer specialised capabilities for automating testing across various SAP modules and integrations, ensuring seamless validation of critical business processes.

Common testing pitfalls and how to avoid them

Pitfall	Impact	How to Prevent It
Poor Data Quality	Test failures, inaccurate results	Data governance, early data cleansing
Unrealistic Test Data	False confidence in performance	Use production-like data sets
Resource Gaps	Delays, incomplete testing	Engage SMEs and skilled testers
Scope Creep	Testing overload	Freeze scope early, manage change rigorously
Integration Blind Spots	Cross-system failures	Comprehensive end-to-end testing
Ambiguous Requirements	Missed tests	Clear, documented requirements
Performance Bottlenecks	Go-live meltdowns	Load test in production-like conditions
Security Gaps	Cyber risks	Regular security assessments
Inconsistent Test Environment	Misleading results	Ensure test mirrors production

Crafting a winning testing strategy: Step-by-step

Set Clear Goals
What are you testing for? Data accuracy? Process correctness? Performance?

Phased Approach
Start with unit testing, then integration, system, UAT, and performance.

Manage Test Data Well
Use production-like data (masked if necessary).

Automate What You Can
Save time and improve consistency.

Prioritise Risk Areas

Focus on high-impact processes first.

Mirror Production
Test environment should match production closely.

Document Everything Comprehensive records of test cases, results, and defects.

Regression is Key
Every change needs retesting. Every. Single. Time.

Remember: Testing is an investment, not a cost

Think of testing as insurance for your S/4HANA investment. Every hour spent validating your system protects your business from future disruption. A well-executed testing strategy pays for itself many times over through:

Faster, smoother go-live
Fewer post-launch emergencies
Better user adoption
Increased confidence in data and processes
Maximised return on your SAP investment

Final word: Don’t break the chain

Your S/4HANA journey is only as strong as its weakest link. If testing is neglected, everything else, from data migration to user adoption, is at risk. By treating testing as a critical success factor, you build an unbreakable chain that supports your digital transformation every step of the way.

Need help designing your S/4HANA testing strategy?

Your S/4HANA journey deserves flawless execution. Let’s talk about how Planit’s testing expertise will get you there.

AUTHOR:

Reach New Heights

Modern enterprise is built upon powerful tools. With SAP at the heart of your business, you can not only realise operational efficiencies but also unlock a wealth of intelligence to help drive strategy and success.

Whether you are just beginning your transformation or you’re maturing your existing SAP landscape, we can help you achieve your platform goals faster by assuring quality and accelerating delivery.

Find out More

Get Updates

Get the latest articles, reports, and job alerts.

Articles – Planit

5 Risks You Can’t Ignore in D.I.Y. Quality

5 Risks You Can’t Ignore in D.I.Y. Quality

Download Infographic

PEAK Matrix® Assessment 2025 – Planit recognised as a Leader and Star Performer in Quality Engineering Specialist Services

PEAK Matrix® Assessment 2025 – Planit recognised as a Leader and Star Performer in Quality Engineering Specialist Services

Deliver Quality Quicker

Get Updates

Planit & Specsavers Win Best Test Project in Retail at the European Software Testing Awards 2025

Planit & Specsavers Win Best Test Project in Retail at the European Software Testing Awards 2025

Why our project stood out

Why this win matters

Deliver Quality Quicker

Get Updates

The hidden cost of building your own in-house quality function

The hidden cost of building your own in-house quality function

Why businesses choose to build their own capability

Where the model starts to strain

A smarter way to building quality

Conclusion: Capability is an asset… but only when it’s built right

Deliver Quality Quicker

Get Updates

The Global Quality Index 2025/2026: Highlights

The Global Quality Index 2025/2026: Highlights

The balancing act of speed and quality

How AI is changing the game

The road ahead for quality leaders

Deliver Quality Quicker

Get Updates

From Automation to Assurance: Elevating Quality with UiPath and Planit

From Automation to Assurance: Elevating Quality with UiPath and Planit

When Testing Holds Back Transformation

A Smarter Path Forward with UiPath Test Suite

Why It Resonates with UiPath Customers

We’ll Help You Realise the Full Potential

Start Strong with a Testing Plan

Deliver Quality Quicker

Get Updates

Planit recognised in the 2025 Gartner® Market Guide for Quality Engineering Services

Planit recognised in the 2025 Gartner® Market Guide for Quality Engineering Services

Deliver Quality Quicker

Get Updates

Beyond the breach: Thoughts for CISOs in FY25-26

Beyond the breach: Thoughts for CISOs in FY25-26

The clock is ticking

Looking for more security insights?

Protect Your Data and Reputation

Get Updates

AUTHOR:

Ferdinand Hagethorn

Cyber-attacks at M&S, Co-op & Harrods

Cyber-attacks at M&S, Co-op & Harrods

Incident Rundown

Key Lessons & Next Steps

In conclusion

Protect Your Data and Reputation

Get Updates

AUTHOR:

Ferdinand Hagethorn

The Unbreakable Chain

The Unbreakable Chain

What happens when testing fails?

The critical role of testing in S/4HANA projects

The 9 Pillars of a Solid S/4HANA Testing Strategy

Don’t just test, but test smart (leverage automation)

Common testing pitfalls and how to avoid them

Crafting a winning testing strategy: Step-by-step

Remember: Testing is an investment, not a cost

Final word: Don’t break the chain

Need help designing your S/4HANA testing strategy?

AUTHOR:

Sheldon Justin

Reach New Heights

Get Updates