In 2018, retail ranked the most at risk of cyberattacks out of 18 other industries, according to SecurityScorecard.
Cybercrime will remain a major challenge for retailers this year. The reason is simple: across the sector more consumer data is stored than ever before. But with vast quantities of information being collected across digital platforms, cybercriminals have more doorways to access them.
According to our latest research, eight in 10 retailers think that, from an IT perspective, the biggest challenge they face this year is data loss. And the reason is clear - 79% of those who suffered a data breach in 2018 lost customers, while 62% incurred legal costs.
Security testing remains a vital means of preventing data loss, system outages and costly fines. To keep their critical assets safe, retailers are spending a total of £1.5bn annually to combat the growing threats, with grocery stores alone forking out an estimated £270m.
At a time when the retail industry is under threat from Brexit and changing consumer shopping habits, many can ill afford the burden of these costs and certainly not the resulting impacts. So what can businesses do to ensure they’re protected?
First of all, it’s vital to have a good understanding of the types of testing required: retailers need to determine the risk and set a regular testing schedule.
Just a third of retailers believe they have the skills, capacity and knowledge to carry out testing, which is forcing them to seek outside help, at a cost. Above all else, it’s important to always ask for a personalised service and never accept an off-the-shelf response or solution to a problem. The choice of tester is also vital - ensure the minds you’re paying for have the right technical abilities and principles.
During tough times, it’s easy to see why there is a reluctance to spend hard-won revenue on security testing. However, the security testing process needn’t be complex. As long as you’re given transparency and can garner the expertise of your testers you’ll be in an excellent position to navigate the cyberthreats that will inevitably come our way in 2019.
Brian Harrison is CEO of AVORD