“I think it’s fair to say the world has changed, hasn’t it?” Says Matt Margereson, Chief Operating Officer at Hotel Chocolat. “In these difficult times, it’s that sense of team and connectivity that’s most important. Covid has actually accelerated our long-term strategic plans – we’ve just reported our half year results to the end of December and have seen the best part of 20% growth across the group – I think it shows not just how dynamic we’ve been, but also the opportunity that was in the pipeline anyway.”
Hotel Chocolat began in 1993, selling chocolates online as one of the UK’s first ‘e-tailers’. Innovation and creativity run through everything they do, from their delicious chocolates, to new product launches and business ventures, all while sticking to their mission to “make people happy through chocolate.” With 125 stores across Europe, America and Asia, as well as a their own cocoa plantation and high-end hotel, the Rabot Estate in St Lucia, this market-leading luxury chocolatier is certainly anything but ordinary.
We caught up with the Hotel Chocolat team to find out what impact the Covid-19 pandemic has had on business operations, why cyber security and cyber insurance are a top priority and how their longstanding relationship with Cambridge insurance brokers, S-Tech Insurance Services is a true partnership.
Keeping everything running
So, what happened when the pandemic hit? “Within 45 minutes of the first lockdown announcement, we’d agreed how to close all 125 stores and return the stock back to the distribution centre.” Matt explains. “Then we looked at what systems we needed to create or adapt to get ahead of ourselves in terms of this total channel-shift demand.
“We have a business continuity plan which was created many years ago in partnership with our senior team and input from S-Tech. We review it regularly, workshop different scenarios including lockdown planning – not that we ever had a pandemic in our workshops – but it’s meant we’ve had a framework in place to keep the business running.” Matt laughs, “We sound like total geeks, but we’re well practised, we know what we’ve got to do and we get stuff done.”
We’re speaking to Matt, along with Paul Bathurst, Director of IT and Dennis Prince, Security Officer, from home via Microsoft Teams. While home working has become the ‘new normal’ for many across the UK, it’s not been without its challenges for IT teams – particularly when lockdown began. “The first challenge was getting everyone set up with a laptop, with a very short runway to get them in when everyone in the world was buying them,” Paul explains. “Then, from a website perspective, it was about reducing the range [available online] to one we could safely fulfil from the distribution centre. People still wanted chocolate, of course, but there were times in the early days when we had to pause orders to catch up.
“With everything going on, we also needed to be aware of the new security issue with homeworking. Staff were having to take business information home, and some of their work involved customer data. We’re continuously reviewing our systems to make sure everything is protected.”
The lifeblood of the business
This is where Dennis Prince comes in. Having worked in global cyber-security, including roles with government organisations, Dennis came out of retirement in 2019 to join the Hotel Chocolat team to make sure the business is doing everything it can to keep its systems secure.
“You know, a chocolate company has the same risks as any other business; threat of cyber-attacks, needing to keep on top of updates, buying the right security tools, getting the right people in the roles,” Dennis explains. “The biggest cyber risk to any business is being hacked, so my job is to look at how we can reduce the chance of that happening. Supplier vulnerabilities are huge and if they don’t have the right protections in place that will trickle down to us. Education is a big thing too – around 70% of cyber-attacks come through email, so I’ve got new training modules coming out to make sure staff are as informed as they can be.”
With so many different considerations for businesses to keep on top of, particularly over the last year when so much has changed, cyber security can easily fall to the bottom of the pile of priorities. We ask Dennis how he got the company interested in a subject which isn’t always the easiest to understand.
He smiles, “In my experience, when you join a company, especially a large international company, you get a lot of pushback. What’s great about Hotel Chocolat is I’ve not had pushback anywhere – people are already on board. It’s unusual to find a business that takes cyber so seriously but everyone here is highly motivated to help the company move forward. It’s wonderful to see.”
Matt agrees, “It helps that the business began in online trading. As an early adopter of digital, this is the lifeblood of the business – if our cyber systems aren’t safe and secure, it’s no different to our duty of care for the physical security of our teams. Not that we have a moat around our car parks full of alligators of course,” He laughs, “But if we can look after people’s physical security, why wouldn’t we be looking after their cyber security too?”
If we can look after people’s physical security, why wouldn’t we be looking after their cyber security too?
A genuine partnership
S-Tech has managed a portfolio of commercial insurance for Hotel Chocolat for over 20 years, with a range of products that has grown and adapted to the changing needs of the business. As the threat from cyber-crime has increased, so too has their adoption of robust cyber insurance policies.
“Our relationship with S-Tech is a genuine partnership. We’ve been through thick and thin together. You properly understand our business, what we do and how we work. I think that Shaun’s [Walker, Managing Director at S-Tech Insurance Services] involvement all the way through is particularly valuable – it becomes a debate and discussion, rather than a one-way thing. We can disagree and compromise, so new plans feel like collective decisions.” Says Matt.
“It’s the smaller stuff too – we’ve gained extra insights and awareness around risks that we should be aware of and what we can do to reduce them,” adds Paul. “The regular updates and information we get from you, even the insurance questionnaire we fill in, has helped our focus and made a difference in our understanding of the processes involved.”
Matt nods, “That upfront effort is great as we know where we are and understand the cover we’ve got. We have those regular reviews – it’s proactive, you know what’s coming up, what’s changing in the business and they keep us updated about what we need to be aware of right now too.
“We don’t want to be a test case for how not to do it, we just want to make sure that we’ve got all the bases covered. On the odd occasion where something doesn’t go to plan, I never think ‘are we covered?’ because I know they’ve taken care of it.”
Seeing the plans come to life
No one could have predicted the pandemic, but it doesn’t seem to have slowed plans at Hotel Chocolat down at all. What’s in the pipeline for this dynamic team?
Paul starts, sharing big plans for the IT systems. “Our systems have served us well but now we need to step it up to deal with business growth and ambitions. So, we’ve got some exciting projects coming up which will see pretty much everything we use get replaced with a new way of working. I’m looking forward to seeing our plans come to life.”
Cyber security remains a top priority, as Dennis explains, “We’re a leader in terms of our cyber security, so I’ve written an international five year plan to really enhance what we’re already doing. We’re going to be safer, our security systems even stronger and our staff will be highly educated, developing all the time.”
“We don’t see customer habits going back to what they were previously,” says Matt. “I think it will be much more blended in terms of multi-channel buying. And the impacts aren’t going to go away this year, it’s going to take a considerable time for people to gain confidence to get back to old shopping habits
“Then who knows? The roaring 20s was predicted [before the pandemic] and may still be a thing, in which case we’ll be ready with the capacities to deliver it!”