Retailers can’t afford downtime; they need to showcase, sell and deliver their goods whenever and wherever their customers shop – whether in-store, online or via mobile devices. A cyber-attack that disrupts sales or delivery systems can drive customers elsewhere, leading to significant revenue losses and reputational damage.

Financially motivated cybercriminals know that retail chains, store large amounts of customer data, and need to keep their doors open for business every day. This makes them a prime target for ransom fees. If a threat actor were to breach an organisation, steal data and encrypt an IT system (double extortion) with the threat of leaking or selling that data unless a ransom fee is paid, how long could the business operate before going under?

As more retailers move to  multi-cloud environments to cut costs, they face new security risks, with IT and cyber security teams often finding it challenging to keep up with the accelerating rate of change in cloud technology. Business leaders are now realising that it’s not, if an organisation will suffer a cyber-attack, but when. They are also starting to address both external threats and insider risks, emphasising prevention over remediation.