Recent cyber attacks on UK retailers should be a wake up call to improve cyber resilience in digital supply chains, and to strengthen against social engineering attacks.
- Jadee Hanson
A recent wave of cyber-attacks targeting UK retailers was a moment of reckoning in the retail industry. This news is very close to my heart as I was involved in one of the biggest retail breaches ever.
National Cyber Security Centre (NCSC) call to strengthen IT support protocols reinforces a hard truth: cybersecurity is no longer just a technical/operational issue. It’s an issue of business that directly impacts revenue, customer trust and brand reputation. Retailers are managing an ever-changing threat landscape while also ensuring that their users remain informed and secure. Recent attacks are not a failure but an opportunity to invest in better visibility, continuous monitoring, and a culture that encourages shared responsibility.
Employees are the frontline of your firewall
It is known that the cyber groups behind the recent retail hacks have used sophisticated social engineering techniques to trick IT help desks to reset passwords and provide information, thereby gaining access to internal systems.
Retailers employ some of the most diverse and largest workforces in the world, making them a greater risk. A cybersecurity-first culture in these organisations is crucial to combating threats. Employees who are familiar with these types of attacks, and know how to report them when contacted, are part of a cybersecurity-first culture.
To establish a cybersecurity culture, employees need to be empowered to recognize and respond to threats rather than just avoid them. This can be achieved through simulation training and threats assessments, which show real-life examples of threats while brainstorming solutions to prevent and control further damage.
By focusing on strategy, rather than constant firefighting and budget, tools, tone, and leadership support, security teams can focus on the strategic aspects of their work.
Real-time visibility of risks
Vendors, in addition to support staff, are a significant attack route for bad actors. Elastic Path data shows that. 42% of retailers acknowledge that legacy technology may leave them vulnerable to cyber risks. Modern cyber threats are more complex and often come from unexpected sources, such as third-party vendors. Vanta’s research shows that 46% of companies say a vendor has had a data breach ever since they began working together.
In the M&S data breach, it was reported that attackers had exploited a weakness in a contractor’s systems and not those of the retailer. This shows that you must have visibility beyond your perimeter, to include the entire digital supply chains in real-time.
The threats don’t wait until your quarterly review or audit. If you only check your controls or vendor status every year, you are already behind. Real-time visibility has become a foundational part of cyber defence. We need to be able to detect changes as soon as they occur. This can be achieved through continuous monitoring of both the technical controls and relationships that introduce risks into your environment.
In addition, we need to rethink how we allocate resources and prioritize this visibility. Manual processes cannot keep up with the complexity of today’s infrastructure. Automation and tooling help separate the noise from the signals – be it misconfigurations or vendor behavior that is suspicious.
A workflow for protection:
The ideal scenario is to embed security measures into all digital architecture. This includes secure coding, constant monitoring, and regular testing. Follow this action plan for retailers who want to be proactive about breaches after the events of the past few weeks:
Firstly, awareness. Have your security leadership send out a message to managers of support teams and help desks to ensure they are aware of recent attacks on retail and are in a good position to inform their teams of what to watch out for.
Next, investigate – identify the attack path used by other retailers so that you can fully understand the risk for your organisation.
Then, assess – perform a threat analysis to identify what can go wrong or how this attack pathway could be used within your organisation.
The last step is to identify, or determine the highest risk gaps within your organisation and the remediation measures to address each.
Last line of defence
Strong cyber security doesn’t come with quick fixes. It takes time, leadership commitment, and a change in mindset throughout the organisation. My advice to security team is simple: talk in terms of outcomes. Cyber risk is a business risk. That’s what it really is. Retailers who have been hit by recent attacks face huge financial losses. This is not just an IT problem – this is a boardroom concern.
The customers are paying attention. Customers want to be able to trust the brands that they buy from. This trust is built through transparency and preparation. The recent retail attacks shouldn’t be a cause for panic. They’re an opportunity to reset, evaluate the current state risks and fully understand what’s happening elsewhere. It’s time to invest in infrastructure, empower teams, and integrate security into your operations. Organisations that invest in their infrastructure now will not only be safer, but also more competitive, resilient, and better prepared for the future.
Jadee Hanson, Chief Information Security Officer of Vanta.
Alex Scroxton,
and
by Alex Scroxton.
By Alex Scroxton.
by: Alex Scroxton.
[196590]By:][19][19][19][19][19][19][19][19][19][19]
