BLOG

Inviting in the Attacker – Cyber Security in Retail

One of the business sectors that has gone through major disruption in the modern digital era is retail. This started in the 90’s with leading businesses evolving their first e-commerce projects.

But in recent times, with growth being led across Online and Mobile services, retail businesses are finding that their digital attack surface is getting larger and managing the growing threats and vulnerabilities can be hard.

If we take a quick look at the fashion retail industry that typically has a footprint of own stores and often concessions, plus online, we can see that this is a business model, that due to its varied technical footprint, is inviting in the attacker in order to get closer to its customers and improve the overall experience with buyers.

Firstly, there has been a big shift towards buying online. Many retailers still have legacy systems and infrastructure (running on platforms such as IBM iSeries) that manage critical business functions such as Buying, Merchandising and Warehousing. So, this has led to the need for multi-cloud infrastructure solutions even before the term became commonplace. That means ensuring a consistent and visible security posture across multiple data centre, infrastructure and cloud solutions.

 

Download our Cyber Security for Retail whitepaper now

 

With the increased web footprint and the rise of scalable micro-service architectures, the complexities of managing infrastructure and their applications attack surface increases.

Next let’s look at mobiles as they dominate roughly 51% of all browsing activity with the trend still suggesting that browsing via the mobile web has a higher percentage of sales revenue vs mobile apps. This is a statistic that cyber security staff in retailers should be a little more comfortable with. Most websites are built using the same code across all platforms, just with a different user interface depending upon the device being used. When mobile applications are introduced, the amount of code needed to support multiple platforms increases and as such, the surface we need to protect gets larger.

In the traditional stores you will find technology is making the experience easier for the customer and more efficient for staff. You can’t walk into a retail store without being offered free Wi-Fi. In the more forward thinking stores they’re using mobile footprints to identify customers and tailor deals and use augmented reality to personalise the experience throughout the store, guiding them to a sale. However, in order to keep the costs down on a high cost store, technologies are consolidated. Could someone take advantage of the available Wi-Fi and traverse across to a card payment system or wireless stock management system to find vulnerable systems and data?

Lastly, there is the most vulnerable aspect of all – people. With businesses driving ‘digital’ interactions and processes, seasonal workers become a risk as their training and familiarity with systems, policies and processes are less mature.

With such a broad attack surface it is hard to achieve end to end protection or visibility. So how can technology start to improve this? Click here to see what five things retailers should be considering when reviewing Cyber Security projects.


Download FREE Cyber Security whitepaper
 

Timico

We deliver Connectivity, UC&C, Cloud & Hosting, Security and IT Managed Service Solutions to our customers, through Service Operations based in Newark, Winnersh, Telford and London.

Sep 6, 2019

More great content you might be interested in

SOFTWARE DEFINED WAN

Software Defined WAN – Explained

Software Defined Wide Area Networks We’ve discussed the benefits of Software Defined WANs in previous posts. In this post we will cut through the jargon. We’ll focus on exactly what an SD-WAN is so business owners and decision makers can truly understand why it’s important.  In light of Covid-19, the need for businesses to begin their digital transformation has never…
Read More

Enabling Hospitality IT during Covid-19

With restaurants, bars, pubs and hotels now legally required to collect customer details, it’s never been more pivotal for hospitality IT to be connected, productive and secure. Earlier this month, the UK Government outlined new guidelines which would see hospitality venues face fines of up to £10,000 or even closure, if they fail to comply…
Read More

How Microsoft Teams Voice helps to unlock further collaboration and productivity in businesses today

What is Microsoft Teams Voice? Microsoft Teams Voice is the next step in remote working. The solution offers a rich feature set of business telephony to employees, while providing businesses with reduced operation costs, lower cost of ownership, and greater productivity. As a Microsoft Gold Partner, Timico are proud to offer four distinct packages, each…
Read More

Book a free consultation for your business today

Find out where there is space for change in your business, and how you are performing against your competitors.

Book a free consultation