From financial data, address information, and even sensitive purchases, retailers handle vast amounts of sensitive customer data, making them prime targets for cyberattacks.
Cybercriminals often exploit this by using techniques like phishing, where they trick employees into providing login credentials that are then used to access company systems.
As retailers adopt more cloud services, they face a rise in cloud-based attacks. Attackers exploit valid credentials to access cloud environments and move laterally within the system, accessing sensitive data without triggering any alarms.
For example, if there is a breached username/password combo attached to an email, attackers can submit that combination everywhere—including platforms and systems used by the employer and beyond—in the hope that the user has re-used their credentials. These breaches are often only discovered when unusual data transfer patterns are detected during routine audits.
Retailers also rely on specialist third-party vendors for various services; however, this can also introduce potential vulnerabilities, as service providers can be a collation point for large and potentially interesting datasets. Cybercriminals can exploit these relationships to gain access to multiple organisations.
For example, an attacker can infiltrate a payment processor’s network and use it as a gateway to access multiple retail clients’ systems, stealing customer payment information from a multitude of stores and businesses at once, instead of attacking each business directly. As such, it’s important that retailers secure their environments as much as possible to mitigate the risk.
Retailers need to adopt comprehensive cybersecurity strategies to rebuild trust. Here are some effective measures:
1. Educate and train employees
Regular training in recognising and responding to cyberthreats, such as phishing and social engineering, is crucial. Employees should be aware of the risks and how to mitigate them. To keep training effective and engaging, incorporate interactive cybersecurity workshops, and share real-world examples of recent cyberattacks to make the lessons more relatable and impactful.
2. Implement strong authentication
Multifactor authentication (MFA) adds an extra layer of security by requiring multiple forms of verification. This makes it much harder for attackers to gain unauthorised access using stolen credentials. Enhancing security with biometric verification, like fingerprint or facial recognition, can provide additional protection, while implementing MFA for all remote access points significantly reduces the risk of breaches.
3. Secure cloud environments
Retailers should implement stringent security measures for their cloud services—including advanced encryption, continuous monitoring, and regular security audits to detect and address vulnerabilities—and pass these on to their providers and implementation partners. Using identity and access management (IAM) solutions helps control data access effectively, while ensuring secure connections to cloud services through virtual private networks (VPNs) is also essential. These solutions should be audited regularly to ensure retailers continue to get the secure, trusted cloud environments they pay for.
4. Strengthen third-party security
Conduct thorough security assessments of third-party vendors and include strict cybersecurity clauses in contracts. Regular security audits, immediate breach notifications, and compliance with data protection regulations are essential. Requiring vendors to adhere to industry-standard security certifications enhances trust and reliability. At the same time, conducting joint incident response exercises with vendors ensures better coordination during a breach.
5. Leverage AI and automation
Artificial intelligence (AI) can help close the cybersecurity skills gap by providing 24/7 monitoring and threat detection. AI-powered solutions can reduce the strain on security teams and enhance overall protection. Investing in secure solutions that leverage machine learning (ML) algorithms to identify patterns and anomalies can help retailers proactively mitigate threats, while using AI-integrated tools for automated phishing detection can prevent many attacks from ever reaching employees’ inboxes. Conducting due diligence to find trusted secure solutions is crucial; retailers should look for vendors with a proven track record, strong industry certifications, and transparent security practices to ensure robust protection.
6. Adopt edge security and SASE solutions
Adopting edge security and secure access service edge (SASE) solutions can provide comprehensive protection for distributed networks. These solutions integrate network security functions with wide area network (WAN) capabilities, ensuring secure access regardless of location. By pushing security functions to the edge, organisations can reduce latency and improve user experience. Implementing SASE helps in consolidating multiple security services into a unified framework, simplifying management and enhancing overall security posture. Additionally, introducing zero trust architectures and capabilities can further strengthen security by ensuring that every access request is thoroughly verified, regardless of the source.
7. Implement secure remote support solutions
Secure remote access, management, and monitoring solutions empower retailers to monitor their systems in real time, ensuring potential threats are quickly identified and mitigated. These solutions let IT teams manage and troubleshoot devices and applications from anywhere, maintaining operational efficiency and reducing downtime. Consistently applied security protocols across all devices and locations help protect sensitive customer data, maintain regulatory compliance, and ultimately rebuild and sustain customer trust.
Cyberthreats aren’t going away anytime soon so retailers must prioritise cybersecurity to rebuild and maintain public trust. Retailers can do this by protecting sensitive data, educating employees, implementing strong authentication, securing cloud environments, strengthening third-party security, leveraging AI, and adopting SASE solutions.
While it makes sense for retailers to outsource cybersecurity from both a capability and cost perspective, as they are not domain experts and can benefit from the efficiencies of scale, they cannot outsource the inherent risk. As such, retailers must still own the risk of breaches and need to find an effective balance.
Collaborating with a partner that offers secure remote access, management, and monitoring solutions can further enhance these efforts, providing robust and comprehensive protection against cyberthreats while ensuring that the ultimate responsibility for security remains with the retailer.
Craig Searle is director of consulting and professional services (Pacific and Asia) and global leader of cyber advisory, Trustwave.