Retailers must reassess their cyber security practices to ensure they are robust and resilient enough to protect their customers.

The way in which we conduct retail transactions is constantly changing. Retail organizations have long been targeted by cyber criminals attracted to the industry because of its size, large quantities of online and point-of-sale (POS) credit card transactions, and millions of POS and IoT devices at remote locations that can be easy targets due to unpatched vulnerabilities and configuration errors.

Retailers began the century as the prime targets for cyber attackers looking for credit card data. But negative blowback from major breaches in the 2000s, fines imposed by regulators, and strict cyber security mandates such as PCI-DSS, helped retailers dramatically improve cyber security and slow down the wave of attacks.

Today, unfortunately, retailers are again coming back to the spotlight. Attackers are no longer focusing solely on credit data, but target rich amounts of sensitive personal data on retailer’s systems or introduce ransomware for a quick payout that doesn’t even require data exfiltration. Thales Data Threat Report: Retail Edition, finds that 45% of retail respondents reported that the volume, severity and/or scope of cyberattacks had increased in the previous 12 months.

The 2022 Thales Data Threat Report Retail Edition summarizes the most important findings gathered from a survey of leaders and practitioners within retail organizations in 17 countries, including grocers, restaurant and food service, as well as “classic” retailers.

The continuous rise of human error, malware and ransomware

Similar to many organizations, 36% of retail respondents cited human error as the leading threat. Of the leading perceived threats, malware tops the list at 65%, and ransomware follows close behind at 52%. Of course, the common attack method is phishing, and its related form, whaling. One shocking statistic is that, even though 55% of retailers had experienced a breach, only 33% of retailers prioritized multi-factor authentication (MFA) as the most effective method for preventing cyberattacks.

Fortunately, 59% of retail organizations are using MFA, however, only 8% of the respondents use modern authentication for on-premises apps and only 20% deploy it to protect the majority of cloud-based applications. Modern MFA is cost-effective, easy to implement, and is so much more secure, that one has to wonder why this has not been a priority for retailers.

Alarming cybersecurity breach statistics

One of the most alarming findings includes the fact that 33% of retailers have experienced a breach in the previous twelve months. But that is not all: only 48% of retailers have a formal ransomware plan, while 27% indicated a willingness to pay the ransom.

Complexity is another problem. 68% of retail respondents identified their Infrastructure as-a-Service (IaaS) environments as multi-cloud, and the same percentage (68%) said they have over 25 Software as-a-Service (SaaS) applications in use, leading to potential issues with the complexities of securing multiple cloud environments.

A visible consequence is that only 46% have complete knowledge or are very confident they know where their data is stored. Another consequence is that 59% of retailers reported having five or more key management solutions, leading to increased vulnerabilities and cybersecurity challenges.

Despite the above findings, retailers are pretty serious about the security of their businesses. For example, 29% of retailers reported that they have adopted and are actively embracing formal zero-trust strategies, just like any other industry. In addition, another 53% is either planning or considering the adoption of a zero-trust approach to securing on-premises, cloud, and remote access management.

Treat your cyber threats like your physical ones

Retailers are ideal cyber targets due to their size, highly distributed infrastructures, and large quantities of online and in-store credit card transactions. The industry is also heavily dependent on high-value, constantly available systems, making them attractive marks for ransomware during the many different retail peaks, when any disruption of their systems can cost millions of dollars per hour.

Awareness of changing risks is high among retail organizations, but this hasn’t accelerated how organizations address them.


5 Top Cybersecurity Tips for Retailers

So what can retailers do to ensure their cyber security practices are robust and resilient enough? The following are some basic tips to ensure retail cyber safety:

  1. Assess risk: Educate themselves on the whereabouts of their data and classify it by risk level to ensure sensitive data is sufficiently protected and encrypted.
  2. Automate data security governance: The modern complex Hybrid IT infrastructure requires organizations to enforce granular security policies across multiple systems, automation is essential to be able to scale protection and meet compliance requirements.
  3. Follow Zero Trust principles: Employ “least privilege” access across the highly distributed, high-value data and assets, both on- and off-premises. By following the principle of “Never Trust, Always Verify”, employees can only access data they’re authorized to, while verifying their identity to do so.
  4. Implement MFA: Add an extra layer of security, such as two factor or multiple factor authentication, to ensure only the intended individual can access the network.
  5. Roll out cybersecurity training: Human error remains the weakest security link across businesses. Create and maintain a cybersecurity awareness training program for all employees so they can competently and confidently navigate risks.


          To find out more, and to learn how Thales can help to improve security for your retail organization, read the full
          2022 Thales Data Threat Report Retail Edition. 


          To find out more about Thales and the services they provide to the retail industry, click here.

          This article was also published in The Retailer, our quarterly online magazine providing thought-leading insights from BRC experts and Associate Members.