Preparing for a rise in retail cyberthreats ahead of the holiday season

Like any retailer, you’re likely currently in the midst the busiest time of the year – for instance, the recent Singles Day and Black Friday. The holiday season also brings with it increased activity and revenue as customers flock to your website or your physical store to complete their shopping. While lots of preparation goes into the retail sales peak it’s important to consider, does this also include being prepared for the increased risk of cyberattacks?

Threat actors often seek to exploit the rise in consumer traffic over this holiday period. Research shows that attempted cyberattacks expand in both scale and magnitude over the season, with everything from fraud and phishing to ransomware attacks posing a risk to the retail sector. In fact, according to a report from cybersecurity company Darktrace, global ransomware attacks increase by 70% during the holiday season.

With this period being the most intense time of year for persistent threats of cyberattacks, it’s especially important to look at your cybersecurity connected to video surveillance and connected devices and understand what to do to minimize vulnerabilities.

Understand the cybersecurity threat

To remain resilient against the growing and costly effects of a cyber breach during this holiday period, you must first understand what makes you, as a retailer, particularly vulnerable.

The reality is that today, everything is connected – so every aspect of your retail surveillance system could potentially be subject to cyberthreats. While the shift from legacy CCTV and analogue devices to modern physical technologies can provide valuable data insights, when these technologies are not properly secured, they could actually present a vulnerability in your system.

Today’s cameras and IOT devices can collect valuable data and insights that you do not want to lose or leak.  The implications of this can be critical, resulting in significant costs to the business. For example, a recent IBM report revealed that the average cost of a retail data breach is around $2.96 million. This can also result in retailers having to close their stores, with research from CSO’s The State of Cybersecurity 2021 revealing that 15% of organizations closed due to a cyberattack.

Further still, the retail sector has access to more personally identifiable information (PII) of customers than most industries, meaning it is particularly lucrative for cybercriminals. With the potential risk of theft of your customer data and PII, cybersecurity should, therefore, be a high priority for you as a retailer.

Prioritize cybersecurity in your surveillance system

When it comes to hardening your defences against attacks like these, access to threat intelligence and other threat intel sources provides a competitive advantage. Regardless of the quality of video that your surveillance system provides, it’s crucial that the suppliers you work with demonstrate a high level of cybersecurity maturity and offer measures that help you to protect your system.

In line with this, it’s important to ensure that the software used in your operations are fully updated to include the security patches. As part of retail security management, you should be looking to ensure that your entire system is protected from potential attack, including identification of any potential weaknesses that could result in the system being compromised.

Overall, the surveillance vendor should provide software tools that help you manage risk, and a reliable partner will advise you on best practices to maximize protection against evolving threats.

Complying with data privacy regulations

When it comes to protecting your customer data and reducing the risk of fraud for your retail organization, complying with data privacy regulations is crucial.

It’s important to implement principles like the General Data Protection Regulation (GDPR) to protect customer data and minimize the risk of a potential breach. In the US specifically, employing the Payment Card Industry Data Security Standard (PCI DSS), ensures the security of credit, debit and cash card transactions, and protects your customers against misuse of their personal information.

The impact of not complying with regulations and standards like this can be catastrophic when you consider the combination of the cost of the breach itself including any related fines , the damage to reputation and the loss of customer trust. For instance, research shows two-thirds (65%) of shoppers express they’d be likely to terminate their relationships with retailers after experiencing even just one instance of data theft or payment fraud.

As a retailer, you can’t risk losing customers – particularly ahead of the retail sales peak – and so it is crucial to bolster your cybersecurity and take proactive steps to keep your customer data safe.

Be better prepared for the holiday season

The importance of cybersecurity in retail cannot be underestimated. Cybersecurity spans the entire retail and logistics supply chain and so it’s important to protect your computer networks and data, particularly in the run up to a sales peak. By working with suppliers who value cybersecurity as much as you and your customers do, you can ensure you’re as prepared as possible to face the spike in cyberthreats as we approach the holiday peak.

Learn how to get the best value for your money using the Axis guide

Get the guide