The UK’s retailing sector has experienced 44 cyberattacks in the last year – roughly one every eight days – according to research by Keeper Security.
As part of the 2021 Cybersecurity Census Report, three-quarters of retailers believe that the number of cyberattacks they are faced with will only increase in the next 12 months and, with that, disrupt the retail ecosystem.
The retail sector has been under immense pressure over the past 18 months. The COVID-19 pandemic has hit retailers’ front line with store closures on the high street and major supply chain disruptions as a result of Brexit.
But there are also cyberattacks causing disruption as well. When successful, the research found that cyberattacks against retailers have resulted in severe disruptions to partner and customer operations (34 percent), the supply chain (33 percent) and a retailer’s ability to trade (29 percent) highlighting it isn’t just macro issues retailers are having to deal with.
However, the retail sector is acutely aware of the cybersecurity threats it is facing. 41 percent of respondents said IT has been the top investment priority over the last year. The large majority of retailers (86 percent) know where the gaps or weak links in their cybersecurity defences are. But worryingly only 35 percent are addressing them, which means that some vulnerabilities continue to be exploited.
Senior IT leaders in the retail sector would like to see cybersecurity become a board-level issue, with four in five calling for a member of the board to be dedicated specifically to the cyber welfare of the business. At the same time, retailers are aware that they can’t solve all their cybersecurity challenges by themselves, especially as they currently consider an attack on a cloud provider they use to be their largest cybersecurity vulnerability.
Keeper Security CEO Darren Guccione said that the retail sector has had a really tough time over the last 18 months particularly on the frontline of the business but what we have found is retailers are struggling internally as well, especially with cybersecurity risk.
“Cybercriminals are targeting retailers as they see them as an easy target and the rewards for a successful breach are vast given the pools of data a retailer is likely to have on its system. Over half of employees working in retail don’t understand the cybersecurity implications of poor password hygiene highlighting just how critical not only improving current cybersecurity training but also making sure the right IT staff are in place from the very beginning.”