Most verticals are currently undergoing major digital change as they seek to drive efficiencies and business agility and get closer to their customers. But perhaps none are undergoing IT transformation as rapid as the retail sector. It is claimed that the industry will change more over the coming decade than it has over the past four, as firms look to tap a potential global market of $3tn.

Many retailers are finding their hand being forced by tightening consumer spending and fierce competition from online-only tech innovators, which are capturing the hearts and minds of increasingly digital-savvy shoppers. A 37% increase in UK high street store closures from 2018 to 2019, the biggest in five years, is just one example of the urgency of doing so.

As a result, retail IT environments are most commonly a blend of old and new, legacy tech and newer digital platforms. Unfortunately, their bold moves to drive more agile, innovation-fuelled businesses risk also attracting a new breed of hackers with their own revenue targets. Data loss and service outages are increasingly common.

Driving digital transformation in retail

Digital transformation is the key to securing success in the changing and challenging retail sector. Find out more in this infographic.

Embracing the digital revolution

Retailers are looking to a range of new and emerging technologies to improve back-end efficiencies and create more compelling, unified shopping experiences for their customers. These include AI and big data to improve forecasting and offer customers predictive recommendations; robots to drive manufacturing and distribution efficiencies; and AR/VR to aid product design and in-store demos. The Internet of Things (IoT) also offers huge potential to retailers in supply chain management, in-store smart lightning, shelving, check-outs and even connected fitting rooms. Cloud and mobile platforms are at the centre of these efforts, as more and more retailers push towards omnichannel experiences that provide a hugely valuable unified view of each customer.

Yet in this push to digitalize, retailers could also be exposing themselves to greater risk of cyber attack. The sector accounts for more security incidents than any other, according to one security vendor. This is a challenge, given the highly competitive nature of the market and the ease with which consumers can move between retailers. The problem for them is that nearly two-thirds of consumers today would blame the company for any data loss, rather than the hacker.

Some of the largest breaches ever recorded have been on companies in this vertical, including US companies Target (110 million customers) and TJX (94 million). The impact of attacks could be devastating, leading to major financial losses, and reputational damage which in turn could spur customer attrition. The average cost for breaches in the sector is estimated at $3.6m, but could go far higher, especially if fines from PCI DSS or GDPR regulators are included. The UK’s e-commerce market is the largest in Europe, offering further inducement for hackers to target retailers of all sizes for highly monetizable customer financial and identity data.

To take action, IT leaders need to better understand the threat to their systems from DNS-based attacks, quantify the business risk and then take action by gaining improved visibility into DNS traffic.

The key to successful digital transformation in retail

As retailers go digital, they expose more and more of their businesses and data to cyber threats. Learn more in this whitepaper.

Why is DNS important?

So why exactly is DNS so crucial to mitigating cyber risk? The truth is that no organization can do without its DNS infrastructure: it converts domain names to IP addresses so machines can communicate with each other on the web, enabling humans to find the websites and apps they’re looking for. Remove it, and customers and employees would be left with no digital signage to get them to the right web properties.

The problem is, the DNS was designed in an age long before career cyber criminals, meaning built-in security is poor and design flaws exist which could allow attackers to take advantage. For example, by attacking an organization’s DNS server, hackers could change the answers to the queries stored there, redirecting customers or employees unwittingly to a malicious or phishing website. DNS traffic is also usually whitelisted by firewall, making it the perfect channel via which to issue commands to compromised clients, or even to smuggle stolen data out of a victim organization.

Yet just as DNS is a major part of the problem when it comes to cyber threats, it can also be part of the solution. Nominet’s network detection and response solution, NTX, offer retailers an opportunity to spot malicious traffic, right down to single malicious packets in huge volumes of legitimate data. That means organizations can detect and block attacks before they have a chance to impact the organization.

Nearly all cyber attacks use DNS at some point in their lifecycle. With NTX, retailers have a chance to stop the hackers dead in their tracks.