The changing requirements of the tech-savvy shopper means that retailers are having to evolve their digital footprint to generate sales and satisfy the evolving requirements of the customer. Today, customers who have become accustomed to online shopping during the Covid-19 pandemic want to browse entire ranges and catalogues at the click of a button and swipe of a finger.
For retailers, this means having a greater ecommerce platform across mobile and website. But the stark reality is their digital attack surface will be larger as a result, opening up opportunities that invite the cyber attacker in. Managing the growing threats and vulnerabilities associated with ecommerce shopping could be the biggest challenge yet for retailers.
[Related Reading: Top Cybersecurity Statistics and Trends of 2021]
Inviting the Attacker into the Network
Over the last year, we saw a remarkable shift to online shopping, in part due to the Covid-19 lockdowns and store closures. Over 75 percent of people are now shopping online at least once a month. Yet, many retailers still have legacy systems and infrastructures in place, which manage areas of critical value to a business, such as finance, merchandising, and warehousing. This can create reliability and security challenges across the network, incentivising attackers to take advantage.
Therefore, retailers who have yet to update their infrastructure should consider multi-cloud solutions. Cloud enables a consistent and visible security posture with usable information. This data is then optimised to enable systems to run independently and effectively.
Limiting the Attack Surface
The rise in online shopping has also resulted in an increase in mobile browsing activity. Mobile commerce sales are increasing by 16 percent each year, and it is expected that by 2023, mobile sales will overtake sales via desktops.
Most websites are built using the same code across all platforms, just with a different user interface depending upon the device being used. When mobile applications are introduced, the amount of code needed to support multiple platforms increases, meaning that an even larger surface area needs to be protected with reliable and scalable cybersecurity solutions.
Then, throw user error into the mix and the cybersecurity challenge increases. Free public Wi-Fi, for instance, can be accessed by anyone and can make the customer extremely vulnerable to attack. When shopping online via a public network, customers are unwillingly increasing opportunities for the cyber attacker to access personal and business information if the right security is not in place. Encrypting a mobile site, additional protection, and using updated cyber software and solutions can help protect a customer from a cyberattack.
Inviting the Attacker In-Store
The easing of lockdown restrictions has allowed most retailers to reopen their brick and mortar locations and welcome customers back with (socially distanced) open arms. However, the last year has brought the benefits of retail technology into sharper focus, and therefore, it is no surprise that some retailers will utilise digital solutions in store as well, to make the experience easier for the customer and more efficient for staff.
For instance, augmented reality can personalise the experience throughout the store, guiding customers to a sale, while wireless management systems, available by a portable tablet, can help staff check stock, customer information or even click and collect orders quickly and effectively. But what does this mean for the cyber attacker? Again, additional devices and technology, likely all connected over one Wi-Fi connection, are inviting the attacker in and providing access to valuable data.
Most importantly, are in-store staff trained enough in systems, policies, and processes to avoid a security breach? Months of lockdown and the employment of new staff will mean that most are not 100 percent familiar with the data systems. While retailers adapt to reopening, without the right training, it’s the staff that could be most vulnerable to inviting in the attacker.
If you’d like to understand more on how Timico is helping retail organisations transform securely in this increasingly digital age, visit our retail webpage to book a free consultation.
Timico is a managed service provider delivering world-class connectivity, unified communications, cloud and hosting, cybersecurity, and IT managed service solutions to head offices and multi-site organisations across the UK. From on-premise and colocation, to fully managed services, Timico drives performance at every stage, helping to keep businesses connected, productive and secure.