Retail response

by Mark Rowe

Retailers are responding to regular cyber attacks, according to research from Zynstra, an IT software company. Some 16pc of retailers said they experienced an attack or attempted attack every day, 11pc said they responded two or three times per week, and 64pc said once a month.

The incidence of cyber attacks was found to be especially high in the grocery industry with 29pc of respondents dealing with attempted security breaches every day, and 55pc every week. In other retail verticals, 65pc of respondents in the sports and outdoor sector said they responded once a week, as did 49pc of fashion retailers and 40pc of department stores.

The research, by independent survey consultants Censuswide on behalf of Zynstra, surveyed 300 IT professionals and C-level executives in the retailer sector in the UK and US.

Nick East, CEO, Zynstra, says: “Taking care of a distributed branch network, from a maintenance and security point of view, can be extremely challenging. Looking at the high number of cyber attacks and attempted attacks shines light on the ongoing battles that retail IT is facing in terms of workload, particularly when it comes to security basics like patching and performing updates.”

A majority, 55pc of retailers are applying security upgrades and patches across their branch network at least once a week; with 12pc doing it daily, and 77pc once a month. In addition, when asked about the frequency of backing up critical in-store data across their branch network, 75pc do so once a week, with almost half of respondents (46pc) doing it daily. The pattern is similar across a range of retail industries; sports and outdoor (79pc), department stores (70pc), electrical stores (69pc), DIY (65pc), grocers (61pc) and Fashion stores (60pc).

Despite the frequency of patching, applying updates and backups, only 33pc of retailers are very confident that their branch network is secure, with the major concerns being that back-up data will not be restored quickly enough in the event of a cyber event (37pc), and that patches and upgrades are not applied in a timely manner (22pc).

East adds: “There is little doubt that IT teams are responding as best they can to mitigate the cyber threat, but despite their action, confidence in retail IT branch security remains a challenge. This lack of confidence points to the fact that a new approach is needed, one that takes the load off IT teams and increases assurance through the intelligent automation of processes required to keep branches secure.”

The research can be downloaded here:


Lisa Baergen, director at NuData Security, said: “In today’s online, big-data driven economy, retailers have never been privy to so much sensitive customer information. Even things that might seem relatively benign on the surface can be used for malicious purposes or can be used in social engineering or phishing tactics to gain more dangerous information. For this reason, all organisations need to make the protection of customer data a propriety, and need to move past the username/authentication model and embrace a model that engages multiple layers – so when one can’t return a high trust confidence, there is another layer to rely upon. The largest merchants and banks are adopting passive behavioural biometric solutions to provide customers data with extra layers of protection, to ensure a strong balance between security from cyberattacks without adding excess customer friction.”

Related News

  • Cyber

    Digital Security Provider

    by Mark Rowe

    Vertical Structure is the first Northern Ireland firm to be recognised as a Digital Security Provider by the Police Digital Security Centre…

  • Cyber

    Education of remote workers

    by Mark Rowe

    Oseloka Obiora, CTO at RiverSafe, considers the cybersecurity education of remote workers: and how they can protect their vulnerabilities from hackers According…

  • Cyber

    CISA Working Arrangement with ENISA

    by Mark Rowe

    The European Union Agency for Cybersecurity (ENISA) has signed a Working Arrangement with the United States’ federal Cybersecurity and Infrastructure Security Agency…


Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing