
Retail Cybersecurity Statistics Not To Be Ignored

The retail industry has grown, and it is important to monitor retail cybersecurity statistics regularly, particularly because as retail businesses expand, so do their attack surfaces. Whether retailers are growing via brick-and-mortar shops or online, each new outlet, store, or website is a potential target for retail cybersecurity threats.    

Top Cybersecurity Statistics To Keep in Mind

Retail Security, Types of Attacks

Retailers and those that manage their network infrastructure face threats from a variety of angles. For example, communications mainstay Verizon faced a barrage of attacks, with credential phishing, malware, and ransomware leading the way. Their attacks break down as follows:

  1. Credential phishing at 30.43%
  2. Malware at 21.74%
  3. Ransomware at 13.04%
  4. Distributed denial-of-service (DDoS) attacks at 10.14%
  5. All other attack methods at 24.65%

24% of Cyberattacks Target Retailers

Given the wealth of payment information retailers have access to, it is no surprise that nearly a quarter, 24%, of all cyberattacks are leveled against retailers. Retailers often have varying levels of security, leaving them exposed to cyber criminals. Also, even a relatively small retailer could have many credit card or bank details kept in its digital files. Cyber criminals have started to capitalize on these opportunities.

Retailers Have More Data Breaches Than Any Other Industry

Retail has become the number one target for cyber criminals, experiencing more breaches than any other business sector. This rise in retail cybersecurity attacks may be due to a combination of factors.

  1. Because retailers often have access to the personal identifying information of customers, getting past a company’s defenses can yield a big score for a hacker. Also, some retailers may have similar cybersecurity infrastructures, so an attack method that works for one may work well for one of their counterparts.
  2. Social engineering, which involves manipulating people into compromising security standards, is often not prominent on the radar of many retailers. This leaves retail organizations vulnerable to hackers who want to use their employees and others with sensitive access credentials against them.

Successful attacks can result in significant financial loss and reputational damage, so a retailer’s security operations center (SOC) team would be wise to implement risk mitigation strategies.

62% of Consumers Lack Confidence in Their Data Security

Confidence breeds trust, and due to a lack of adequate cybersecurity, 62% of consumers say they are not confident regarding the security of their data. Further, 25% say that they know their data is not safe with retailers. Addressing this trust deficit should be a top priority for retail organizations.

One of the best ways retailers can ensure the safety of payment data is to comply with the Payment Card Industry Data Security Standard (PCI DSS).

PCI DSS standards help ensure that retailers and others keep customer payment information out of the hands of attackers. When these standards are not followed, retailers are left open to serious ramifications, including:

  1. Stolen customer payment information
  2. Fines from payment providers
  3. Fines from governments that mandate PCI DSS compliance

To attain PCI DSS compliance, an organization should:

  1. Use firewalls to secure their network and specific areas of it: A firewall inspects traffic flowing into and out of the network or network segment. When the firewall detects malicious files, it discards them, protecting the resources and systems on the other side.
  2. Encrypt data transmissions: Encryption replaces the data being sent with an unreadable sequence of letters, numbers, and symbols that cannot be read without the decryption key. If an organization uses encryption, a hacker who intercepts some of its transmissions would not be able to exploit the data without that key.
  3. Use antivirus software: With antivirus software, known viruses can be detected and dealt with automatically, thus protecting your workstation and network. Also, because antivirus software gets automatically updated, you can enjoy continued protection without having to worry about whether you are being shielded from recently discovered threats.

Fortinet Security Solutions and Other Key Insights for the Retail Industry

The Fortinet Security Fabric offers a comprehensive solution for retailers. It gives retailers a combination of:

  1. Next-generation firewalls (NGFWs)
  2. Unified network access
  3. Presence analytics that detects connected endpoints
  4. Software-defined wide-area network (SD-WAN), which lowers the total cost of ownership and boosts security through customized control of the network
  5. Cloud security
  6. Endpoint protection
  7. Email security
  8. Web application firewall (WAF) that protects web-based applications from incursions
  9. Advanced threat protection using artificial intelligence (AI)
  10. Easy deployment of security solutions
  11. Integrated video surveillance

Protecting your network as a retailer has never been more important, particularly as new challenges arise. Key insights for retail demonstrate why.

For example, many retailers have added or expanded their employees’ ability to work from home. Ensuring your network is protected from devices and home networks with weaker security features is critical when incorporating or expanding a work-from-home infrastructure.

Also, retailers have been adding or expanding their e-commerce capabilities, particularly because 84% of consumers have recently reported shopping online. This may open up retailers to more attempts by hackers to try to steal customer payment information. With the Fortinet Security Fabric, however, retailers can bolster their defenses and earn more loyal, confident customers.