The past 18 months have been disruptive to say the least. Yet, one of the hardest-hit industries has undoubtedly been retail, says Dominik Birgelen, pictured, CEO of software company oneclick AG.
The pandemic resulted in multiple nationwide lockdowns forcing many to close their stores, impacting global communities, dislocating international supply chains and triggering steep sell-offs in financial markets. One thing has become clear: the high street will take on a very different form once the pandemic is over. And with change comes new challenges.
Now a digitally savvy sector, retail is faced with an unwanted issue. The industry’s vulnerability to cyber-attacks has increased as stores of every shape and size pivoted to eCommerce platforms in an attempt to continue trading and remain profitable. Consequently, growing customer information, including personal and financial data, is becoming too challenging to resist malicious cyber hackers. The retail industry continues to be a target for financially motivated criminals looking to cash in on the combination of payment cards and personal information this sector is known for.
In fact, from the 2021 Verizon Data Breach Investigations Report, financial motivation accounts for 99 per cent of breaches. The report also highlighted that 44pc of data comprised is payment related, 41pc personal and 33pc credentials.
What’s more, insider threats in retail are also rising. The pandemic has also had a hand in this. Due to multiple lockdowns, retail institutions have moved and adapted swiftly to adjust their turbulent operations while managing a remote workforce. Without sufficient cybersecurity processes in place to support remote working, retailers are left vulnerable to insider threats. Whether it’s a corrupt employee or an undertrained staff force, remote systems not built for self-protection will suffer.
In addition, many retail players have had to outsource parts of their business processes to third parties to survive the turbulence of COVID-19. For example, online ordering relies on huge amounts of planning, supply chain management and delivery partners. The more external parties involved with a company system, leaves the institution more and more vulnerable.
Combating bad bots
Another cybersecurity concern for the retail sector that has escalated during the pandemic is the rise in ‘bad bots’, in fact around 30 percent of all web traffic is made up of them. Bad bots interact with applications in the same way, a legitimate, a human user, making them a lot harder to detect and prevent. They enable high-speed abuse, misuse, and attacks on websites, mobile apps, and APIs. They also allow bot operators, attackers, unsavoury competitors, and not to mention, fraudsters, to perform a wide array of malicious activities. Attacks include denial of inventory, scalping, scraping and credential stuffing. Bot attacks result in poor website performance and the exposure of sensitive customer data and lost revenue for the retailer.
Future proofing retail
Technology has been a huge enabler for many retailers to stay relevant over the past 18 months. The move to eCommerce platforms has been a turning point for many. Yet it is the evolution of cloud computing, which was traditionally valued for its cost saving capabilities, that is now invested in for its enablement for future innovation in retail. Cloud-based technologies also allow retail institutions to implement critical cybersecurity measures that prove extremely difficult to penetrate including Zero Trust Architecture (ZTA). Through a ZTA approach, no actor who wants access to the retailer’s resources or services in the network is trusted from the outset. This means every access, whether from outside or inside, is individually authenticated.
Retailers can also lose insider threats, maliciously intended or not through disconnecting the end user environment from the corporate hosting environment. The combination of a cloud security software that only grants access to shared applications and not to the entire corporate network while allowing top-level managers to restrict access to data ensures that sensitive files can only be downloaded from the server to the end device authorisation.
Secure end to end cloud software will also ensure that bad bots are well and truly dealt with. Cloud-based software that includes shielded logins, disconnecting the end user environment as well as ZTA makes the ideal combination to fend off bad bots.
No doubt the retail industry will continue to face these evolving cyber threats as the demand for eCommerce increases. With customers’ financial and personal data on the line, retailers now have to prioritise cyber security. Implementing an end-to-end cloud-based security solution, is a simple yet highly effective way to combat these cyber concerns in 2021.
