According to a report from Sophos, in 2021, ransomware affected 77% of retail organizations, up from 44% in 2020, making retail a high-risk sector for cyberattacks like ransomware and credit card skimming.
Retail & Distribution
20 Sep 2023
Gartner reports a compelling reason for over two-thirds of retail CIOs increasing their cybersecurity investments: the retail industry has emerged as a prime target for cybercriminals. In fact, it now holds the unfortunate distinction of being the number one victim of cyberattacks within the private sector. As such, bolstering cybersecurity measures has become an imperative priority for retailers aiming to safeguard their operations and protect their customers’ sensitive information.
Cybersecurity in retail: multiple threats
There are multiple threats, ranging from phishing to ransomware, and these often take advantage of bad habits such as being late in applying security updates, inadequate management of access rights and even passwords stuck onto tills as a reminder, to name just a few.
Correcting these poor practices eliminates 80% of risks, says Jean-Jacques Latour, head of expertise for cybermalveillance.gouv.fr.
Key measures for delivering on cybersecurity
Our Guide to Cybersecurity in Retail provides an update on the types of threats facing retailers, the risks that CIOs need to pay attention to, and details on how to be more effective in protecting retail chains against cybercrime.
Here’s an overview of the key recommendations:
Bolster your prevention policy
- Making all staff aware of the need to protect against cyber threats is critical to a successful security policy.
- Access control and securing workstations and the network are essential first steps.
Detect suspicious behaviours
- Procedures for managing and tracking incidents help to trace any intrusions back to their source.
- Conducting regular security checks and audits means that corrective actions can be taken.
Prepare for crisis management
- Preparing a plan B that includes the concept of cyber-continuity allows you to react if information systems become paralysed.
- Allocate a specific budget for conducting intrusion tests and think about what scenarios could occur during an attack.
Anticipate future threats
- Because cybercrime adapts in real-time to the defensive strategies that businesses and the authorities adopt, retailers need to be continually vigilant.
- SaaS and securely storing data in the cloud reduce points of vulnerability. Cegid’s global cloud draws on Microsoft’s Azure platform and four PoDs (points of delivery) in Ireland, the US, Singapore and China to ensure continuity of operations.
Want to know more? Read about all our experts’ best practices by downloading the Guide to Cybersecurity in Retail.