The UK’s retailing sector has experienced 44 cyberattacks in the last 12 months – roughly one every 8 days – according to new research by Keeper Security. The warning comes ahead of Black Friday, where UK shoppers are expected to spend over £9 billion this year, as well as the Christmas shopping period.
As part of the 2021 Cybersecurity Census Report, three-quarters (77%) of retailers believe that the number of cyberattacks they are faced with will only increase in the next 12 months and, with that, disrupting the entire retail ecosystem.
The retail sector has been under immense pressure over the past 18 months. The COVID-19 pandemic has hit retailers’ front line with store closures on the high street and major supply chain disruptions as a result of Brexit. But there are also cyberattacks causing disruption as well. When successful, the research found that cyberattacks against retailers have resulted in severe disruptions to partner and customer operations (34%), the supply chain (33%) and a retailer’s ability to trade (29%) highlighting it isn’t just macro issues retailers are having to deal with.
However, the retail sector is acutely aware of the cyber security threats it is facing. 41% of respondents said IT has been the top investment priority over the last year. The large majority of retailers (86%) know where the gaps or weak links in their cyber security defences are. Worryingly only 35% are addressing all of them, which means that some vulnerabilities continue to be exploited by bad actors.
Moreover, senior IT leaders in the retail sector would like to see cyber security become a board-level issue, with four in five (78%) calling for a member of the board to be dedicated specifically to the cyber-welfare of the business. At the same time, retailers are aware that they can’t solve all their cybersecurity challenges by themselves, especially as they currently consider an attack on a cloud provider they use to be their largest cybersecurity vulnerability.
“The retail sector has had a really tough time over the last 18 months particularly on the frontline of the business but what we have found is retailers are also struggling internally as well, especially with cybersecurity risk.” explained Darren Guccione, CEO & Co-founder of Keeper Security.
“Cybercriminals are targeting retailers as they see them as an easy target and the rewards for a successful breach are vast given the pools of data a retailer is likely to have on its system. Over half of employees working in retail don’t understand the cybersecurity implications of poor password hygiene highlighting just how critical not only improving current cybersecurity training but also making sure the right IT staff are in place from the very beginning.”
