During October, we hosted a Roundtable in partnership with Lloyds to help retailers understand and manage their financial exposure to potential cyber-attacks. During the Roundtable, we offered practical expert advice and guidance on the strategies and tools retailers can put in place to effectively prepare for, respond to and recover financially in the event of a cyber-breach.
Cyber-crime targeted at the Retail Industry has increased exponentially in the past two years, with the number of incidents now surpassing those experienced in the financial services sector. In the last 6 months, it is estimated there have been 10 trillion attempts on retail user credentials in the UK compared to 1 trillion against banks.
With this dramatic increase in targeted attacks, cyber risk needs to be understood as a collective responsibility and not solely as an issue for IT teams as it has been perceived to be in the past. CEOs need to be driving a cyber security strategy that can adapt and take into consideration the function of the whole business to prevent the agonising aftermath of an attack.
The risks to retailers
Cyber-attacks can target businesses with just one singular attack or multiple at a central computer, bringing down all digitised functions of an organisation. With retailers having more and more of a dependence on digitisation - from the ‘customer journey’ to ‘supply chains’ - the impacts of an attack on one element of the business could have detrimental ripple effects across all functions.
“I encourage all companies to maintain a dialog with their banks on cyber-security policies and relevant mitigation strategies. This will help facilitate their support to recover from a cyber-attack.”
Philipp Gutzwiller, Head of Retail, Large Corporates, Commercial Banking
What are the implications?
A cyber-attack has a direct impact on the company’s key financial drivers (sales liquidity, share performance, etc). Assessment of a company’s cyber-risk is also now part of their credit assessment, so ways in which companies deal with cyber risk may have an impact on their cost of funding.
Credit risk, liquidity risk, market risk, physical damage and business damage are also possible implications on a business from an attack and without a thorough strategy for when an attack does happen, your business could be left for days, weeks or even months before it regains control with unlimited financial implications.
What can you do now?
The question is not if, it’s when a cyber-attack happens and so businesses need to ensure they are doing what they can now to prevent an attack as well as plan for what they will do in an event of a cyber breach. Both Lloyds Bank and The National Cyber Security Centre (NCSC) can offer guidance to prepare and mitigate the effects of a cyber-attack
“Lloyds can help our clients to assess their cyber risk vulnerability based on their internet-facing connections, how they rate against peers, how often systems are patched or upgraded, client/colleague sentiment on social media, evidence of attempted attacks and more.”
Giles Taylor, Head of Cyber Security, Lloyds Bank
You can also find more information below on staying on step ahead of Cyber Risk: