PAID FOR POST
With retailers still reeling from recent cyber security breaches, Cognizant looks at three steps retailers can take to boost cyber reslience
The wave of ransomware attacks in the UK has highlighted the vulnerability of retailers, as well as their supply chains and partners, to cyber threats.
This time, too, it’s not just about the reputational damage caused by data breaches. The recent attacks have had even more profound impacts, with severe disruption to operations (and subsequent recovery costs) directly hitting revenues as well.
Also still to come, the risk of punitive fines imposed by regulators as well as sharp increases in insurance premiums.
All this is just a snapshot. Threat levels are rising constantly, accelerated by hackers’ adoption of advanced technologies, particularly generative AI and AI agents.
As attacks become inexorably more sophisticated and more damaging, all players in the retail landscape are laser-focused on achieving greater operational resilience.
Why the threat escalation?
For business leaders, this is mission-critical. Speed of recovery from cyberattacks and resumption of business as usual are top priorities for them.
They’re acutely aware of how basic human mistakes can cost hundreds of millions and undermine reputations that have taken decades to establish.
Attackers are targeting retailers that are less well-prepared in the eyes of threat actors. And retailers are more exposed than ever before from the attacker’s perspective.
When the pandemic pushed more businesses online, it also massively increased vulnerability to cyberattacks by multiplying potential attack vectors.
Therefore, today, comprehensive security on the edge is essential across point-of-sale systems, ecommerce operations, and suppliers’ operations throughout the extended ecosystem.
It’s not only the number of attack vectors that has surged. We’re seeing criminal gangs take advantage of ransomware as a service offerings to buy cyberattack services from other criminal gangs.
At the same time, state-sponsored actors are targeting both commercial and government entities. And in the background, of course, AI continues to enable ever more realistic phishing and social engineering, which makes attacks far harder to detect.
How should business leaders respond?
Cybersecurity is not an area that IT should handle independently. It’s a business issue. The scale of losses we’re seeing and the attack techniques being used make that all too clear.
This means the board must have oversight of the cyber and operational risks confronting the business, as well as being responsible for their governance through a robust risk and control framework.
Developed in close collaboration with the CISO, this framework needs to cover:
- Operations: How is the business organised to prevent, detect and respond to cyberattacks? Have key business and IT processes been properly secured? How secure are supply chain partners?
- Technical: Are all systems up to date or are they old and unprotected by the latest security software? Is critical business information encrypted and properly secured?
- Culture: Is there an embedded security culture? Are employees trained to detect attacks? Are robust incident management practices understood and adhered to?
Cyber resilience in three key steps
In such a threat-heavy retail landscape, achieving cyber resilience is a business imperative. But the journey to this goal can seem daunting. We find it helps to break it down into three core stages:
1. Crawl – establishing the basics
In this foundational phase, organisations are often in the early stages of recognising and addressing cyber threats, typically working with limited resources and expertise.
The primary focus here should be on laying the groundwork through basic security measures, policies and awareness.
Priorities include implementing effective identity and access management (including MFA and privileged access management); ensuring all software is up to date, with systems monitored and properly protected; establishing basic security policies; educating employees; and achieving compliance with industry standards and regulations.
2. Walk – building resilience
Building on the basics, this phase is characterised by the enhancement and integration of security capabilities across the organisation.
The focus shifts from reactive measures to proactive and strategic approaches, with the emphasis on building a more resilient ecosystem where threats can be identified and mitigated before they escalate.
Key objectives include fostering closer collaboration between departments to ensure cybersecurity is integrated into broader business processes; enabling enhanced monitoring and detection; introducing strong data protection measures; and achieving incident response maturity.
3. Run – achieving excellence
Organisations at this level have embedded security deeply into their culture and operations, enabling them to anticipate, prevent, and respond to threats with agility and confidence.
Objectives include enabling advanced threat hunting (through behaviour analytics, machine learning, and other predictive technologies); implementing security orchestration, automation, and response (SOAR) platforms to minimise time between detection and mitigation; adopting a zero-trust model where verification is required for all access requests; and ensuring continuous improvement by regularly assessing the organisation’s security posture through red-teaming exercises, vulnerability assessments, and audits.
Fast-track your journey
The risk to your business from cyberattacks can’t be overstated. Revenues, reputations and regulatory compliance are all on the line. That’s why it’s essential for business leaders to accelerate their journey to cyber resilience. The time to get started? Now.
At Cognizant, we work with leading retailers every day to help them achieve this goal.
To find out more, please get in touch
Written by Stephen Khan, CISO EMEA/APJ at Cognizant, Stephen Kell, security & GRC practice lead at Cognizant and Benn Glazier, head of retail UKI at Cognizant
