Is the Christmas trading season a gift for cyber criminals?

27th November 2019

Stuart Reed
VP Products

Over a quarter of retailers have been hit by a security breach within the past 12 months – are they ready for Black Friday and Christmas trading?

With Black Friday and Cyber Monday kicking off the festive shopping season later this week, the industry is headed for its busiest period. Last year, UK shoppers spent a reported £1.23bn over the Black Friday weekend alone. Despite modest online sales predictions for 2019 by IMRG, the peak in communication with customers and activity on the network comes with increased cyber risk.

Our recent Cyber Confidence research report gave an indication of the level of cyber risk in the retail industry. Highlights include:

  • Over a quarter (28%) of CISOs in the retail industry said that they had been hit by a security breach within the past 12 months
  • 91% of those which suffered an attack had been hit more than once
  • Retail is the second most attacked industry sector, finance being the first
  • Ransomware was the most common security incident

The retail industry has become a top hunting ground for cyber criminals and this is only likely to become worse over the festive period. Whether it’s phishing campaigns that are more successful due to the festive theme or fraudulent sites created to divert web traffic, there is huge potential for financial loss for customers and irreparable reputational consequences for retailers.

Retailers need to ensure that as sales volumes grow, so does their cyber awareness and defense. Keeping employees educated on how to respond to the likes of a potential phishing attack, particularly when many of these workers may be temporary staff, is fundamental. It’s also important to have technology and processes in place that have broad visibility of the network, to identify and eliminate potentially malicious incidents quickly. For many retailers it will also be important to ensure their supply chain has a similar level of security precautions and any brand adjacencies are monitored to ensure fraudulent websites haven’t been set up to siphon customer information.

In light of our Cyber Confidence research it’s clear that the retail industry has some way to go in terms of cyber resilience. For this shopping season in particular, both consumers and retailers alike need to be extra vigilant to potential threats and suspicious activity.

Read the full Cyber Confidence report.

Cyber Confidence in Retail infographic

Download here