Retail organizations routinely encounter a wide range of cyberattacks such as phishing, credential stuffing, ransomware, and supply chain attacks.

Many of these attacks are aimed at exfiltrating customers’ personal and financial information. In addition, attacks on point-of-sale (POS) systems are becoming popular. If attackers can gain entry into more critical systems like inventory and billing, it can cause operational disruptions.

Thanks to increased digitization and IoT integration, retailers’ potential attack surfaces have expanded as well. As such, the cybersecurity challenges for retailers continue to grow in volume and complexity.

In fact, 77% of retail organizations were hit by ransomware in 2021 – a massive 75% increase from 2020. More than half of retail organizations reported an increase in attack volume, complexity, and impact of cyberattacks on their organizations over the previous year.

Retail’s evolving threat landscape

The growing professionalism of criminal groups and their evolving tactics, techniques, and procedures are significant drivers behind the complex retail threat landscape today. A few other factors are adding to the cybersecurity challenge in this sector as well:

  • Phishing attacks trick customers and employees into giving attackers easy access to systems and payment data
  • Attacks on unpatched POS systems hack transactional data and give unauthorized access to valuable information like credit card PINs
  • Retail organizations rely on a vast network of third-party suppliers to keep their businesses and stocks moving, which adds complexity
  • Retailers need to secure multiple devices, platforms, and customer-facing web and mobile apps to ensure positive customer experiences and operational efficiencies across distributed sites
  • Business email compromise (BEC) scams are becoming commonplace in retail, where key executives are lured into divulging sensitive company information
  • Retailers need to ensure compliance with regulations and standards such as PCI DSS, GDPR, HIPAA, and SOC2 due to the vast private and sensitive data they hold
  • Cybercriminals are targeting the cloud to exploit less established cybersecurity practices than in traditional on-premises environments

Sophos can help

Sophos MDR is our fully-managed, 24/7 service delivered by experts who specialize in detecting and responding to sophisticated cyberattacks that technology solutions alone cannot prevent. As the world’s most trusted MDR provider and with hundreds of retail customers, we have unparalleled depth and breadth of expertise when it comes to threats facing the retail sector. Sophos MDR applies learnings from defending one retail organization to all others in the sector, generating “community immunity” and elevating everyone’s defenses.

Sophos ZTNA eliminates vulnerable VPN clients, enabling you to offer secure and seamless access to resources for your remote users. It removes implicit trust in your environment’s applications, users, and devices by providing policy-based, segmented access to your systems and resources to only those who need it.

Sophos Secure Access Portfolio enables retail organizations to connect remote and branch sites, deliver critical cloud and SaaS applications, and share data and information between sites.

It includes:

  • Sophos ZTNA to support secure access to applications
  • Sophos SD-RED remote Ethernet devices to safely extend your network to branch locations
  • Sophos Wireless access points for easy and secure wireless networking
  • Sophos Switch for secure access on the LAN

Everything is managed through a single cloud-based security platform, Sophos Central.