Every October on the occasion of Cybersecurity Awareness Month, the government and private sector work together to promote cybersecurity awareness and provide everyone with the resources they need to safeguard their personal information from online threats. The goal of the month is to develop content and messaging that businesses can use to educate their employees and consumers on how to remain safe online.
The retail sector comprises a huge amount of sensitive data such as credit/debit card details and personal information of consumers and therefore, retailers are a tempting target for hackers. Retail Voices spoke to experts at different levels in the industry to take a deep dive into how retailers can protect themselves and their consumers while catering to the rapidly evolving landscape.
The Risk of the Festive Season
The retail and logistics sector may anticipate a sharp rise in activity and revenue as the festive shopping season approaches and consumers swarm to the internet and stores to finalise their shopping. However, so too does the risk of cyberattacks rise throughout the holiday season. Jonathan Mauerer, VP of Operations at Teamwork Commerce, notes that hackers are often looking for ways to penetrate during these busy periods. He comments: “Retailers are not only responsible for protecting their sensitive information but also that of their customers, such as payment details and home addresses.”
To ensure the security of the data, advanced technologies must be leveraged. Mauerer adds: “To better protect their customers’ information, retailers can lean on secure CRM software that is GDPR compliant and deployed with top-level security.”
Preparing for the Worst
The state of cybersecurity has shifted dramatically in the last decade, in line with the digital transformation of businesses. Especially the retail sector which has emerged with several digital offerings and increased e-commerce. Dominik Samociuk, Head of Security at Future Processing, states: “This year’s theme could not be more prominent as there are increasing risks of being exposed to cybersecurity threats, with hackers using the weakest link to attack – in many cases, this relates to their people, as the IT skills gap has created huge challenges for the industry to overcome.” This year’s theme suggests that each individual decides to be safe online. When looking at statistics from the cybersecurity world, humans are, in most cyberattacks, the weakest link of cybersecurity measures – as 95% of data breaches are the result of human error.
Will Liu, Managing Director of TP-Link UK supports this and adds: “The most common network management security issues arise from network administrators using excessively simple passwords for their credentials. It might sound like common sense, but password best practice is sometimes overlooked. To avoid security issues, anyone with the responsibility of creating a password needs to have a good understanding of safe practices, such as password creation that will be highly effective against dictionary attacks.”
What’s more, retailers must stay alert all the time – but especially during the festive season – keeping an eye out for potential red flags, like messages that feature a sense of urgency and threatening language. In 2021, almost 40% of breaches featured phishing, and around 11% involved malware. Mauerer from Teamwork Commerce says it best: “If you’re not sure, don’t click.”
Best Practices
Future Processing’s Samociuk comments: “Companies implementing cybersecurity awareness programs in their operational policies and employees that want to be aware and up-to-date with current cyberattacking schemes, are the ones that will be safe online.”
“Cybersecurity best practices need to be run on a 24/7 basis, meaning the level of technical knowledge and skills that employees need to obtain as security specialists have never been higher,” adds Samociuk. In addition to upskilling and educating, retailers should also take measures on the back end to keep a secure connection at all times. There are several ways to ensure security, but some of the basics can make a significant difference.
According to Dominik Birgelen, CEO at oneclick, “Cloud offerings, apart from facilitating growing virtualisation, play a key role in creating an additional security layer within organisations. With rising threats and vulnerabilities such as increased third-party vendor involvement, employee error, negligence and phishing attacks, cloud-based solutions can help businesses to stay secure and remain protected from these types of breaches.”
Mauerer from Teamwork Commerce states: “Cybersecurity is not restricted to just festive peaks or a specific employee in a retail business; instead, it is an ongoing practice that retailers must adopt for the long term.” Looking ahead to the festive season, retailers need to be already prepared for cybersecurity threats, and if they are only considering the potential implications now, it’s too late. They need to have a strategic plan that combines processes, the best technology, training for staff and specialist support to ensure that their business can withstand the rise in cyberattacks and that their team and customers can keep safe from online threats.
Staying Prepared
Nehal Thakore, Country Head UKI at Bosch CyberCompare, asserts: “It is evident that any business can face a cyber-attack regardless of its size. And the industry must understand that the focus should not be on ‘if’ but ‘when’. Organisations should ensure that their environment is secure and prepared for business continuity with different tools, processes and redundancy.”
All in all, retailers must not delay in deploying cybersecurity measures until a cyberattack actually takes place; rather, they must continually be prepared to deal with one. In this rapidly changing digital landscape, retailers must play their part responsibly.
