THE RETAIL BULLETIN - The home of retail news
Click here
Home Page
News Categories
Commentary
CX
Department Stores
Desert Island Stores
Electricals and Tech
Entertainment
Fashion
Food and Drink
General Merchandise
Grocery
Health and Beauty
Home and DIY
Interviews
People Matter
Retail Business Strategy
Property
Retail Solutions
Electricals & Technology
Sports and Leisure
TRB conference review
Christmas Ads
Shopping Centres, High Streets & Retail Parks
Uncategorized
Retail Events
People in Retail Awards 2024
Retail Ecom North
Retail HR North 2025
Retail Omnichannel Futures 2025
Retail HR Central 2025
The Future of The High Street 2025
Retail Ecom Central
Upcoming Retail Events
Past Retail Events
Retail Insights
Retail Solutions
Advertise
About
Contact
Subscribe for free
Terms and Policies
Privacy Policy
Cultivating a new breed of cyber security for the new shopping experience

Retailers – be they small local shops, online sellers, or top global brands – generate, transfer, and store more data than ever before, ranging from customer… View Article

RETAIL SOLUTIONS UK NEWS

Cultivating a new breed of cyber security for the new shopping experience

Retailers – be they small local shops, online sellers, or top global brands – generate, transfer, and store more data than ever before, ranging from customer data (both online and in-store, as we have considered in previous articles), to supply chain and asset tracking data.

Whether it’s shopping online or utilising in-store apps to access the latest savings and special offers, the way customers shop has fundamentally changed forever, with the data they generate online and in person allowing retailers to build up unique personas that drive truly bespoke experiences.

However, each point of transfer represents an opportunity for bad actors to not only access both corporate and personal data, but introduce malicious software to the underlying infrastructure, and so represents a serious threat to both business and reputation.

While all retailers will already have physical and digital security systems in place, the shifting nature of cyber-crime means that complacency is not an option. The Retail sector must be ready to take a close look at the latest threats and develop a new model of cyber security in response.

The new face(s) of cyber-crime

With the cost of cyber-crime set to hit $10.5 trillion by 2025[1], a growing range of threats – from account takeover to credit card fraud, phishing, web scraping, API abuses, and distributed denial of service (DDoS) attacks – must all be treated with the utmost seriousness. While most of these cybercrime strategies have existed in one form or another for some years now, the growing sophistication and accessibility of AI is increasingly allowing them to be automated, significantly increasing the scale and speed at which attacks can be staged. Compounded by the rise of state-sponsored cyber-crime, this continued barrage of attacks represents an ongoing risk for the entire sector, threatening sales, customer satisfaction, and – ultimately – brand reputation.

Furthermore, in light of increasingly stringent data protection regulations, such as the GDPR, retailers have a legal obligation to ensure all data is gathered, transferred, and stored with the greatest degree of care, and are expected to show evidence of a proactive approach to cyber security at their corporate headquarters, store locations, warehouses, throughout their supply chains, and across every element of their online presence.

The lingering threat of ransomware attacks

Ransomware attacks remain an omnipresent threat for retailers. In early 2022, an attack on KP Snacks crippled its IT infrastructure, leading to serious supply issues, while as recently as March 2023, WH Smith experienced an attack that left its staff’s personal data compromised. When cyber criminals seize control of IT infrastructure in this way, retailers are left unable to do business, with no guarantee that their data will be restored even if they do pay the ransom demand. At the same time, GDPR regulations require companies affected to inform customers that their data has been compromised and may be for sale on the dark web, leaving them open to other forms of cyber-crime.

A comprehensive plan to guard against ransomware attacks and ensure critical infrastructure can be restored and secured as quickly as possible in the event of a breach is therefore essential for all retailers. This is not only a question of ensuring lost trading hours are kept to the absolute minimum, but avoiding serious reputational damage that will discourage both existing and potential customers from making purchases going forward.

DDoS attacks have a tangible impact on in-person sales, as well as online

Long recognised as a serious source of disruption by online businesses, DDoS attacks now have the potential to negatively impact face-to-face sales as well. In our era of contactless payments, if the EPOS system is inoperable, sales cannot be completed, which will inevitably impact the retailer’s profits, reputation, and the quality of their customer experience. With such attacks increasing in both frequency and intensity throughout 2022[2], effective DDoS protection should be incorporated into any effective retail security system.

Balancing unforgettable customer experiences with the most robust data security

The cyber threat landscape continues to evolve, with new threats emerging on a regular basis, and this will only accelerate as the Retail sector continues to embrace the next generation of smart technology, and cyber criminals utilise bots and automation to boost the frequency and intensity of their attacks. Retailers must therefore begin treating cyber security with the same urgency as physical security systems, and work closely with their technology partners to develop fully integrated systems that provide customers with complete peace-of-mind as they shop.

If you would like to discuss anything we’ve looked at here in greater depth, do not hesitate to contact us, to arrange a deep dive into your security challenges and take your first step towards developing a next-generation security ecosystem that frees you to focus on delivering exceptional customer service.

 

Subscribe For Retail News