Basket
United Kingdom
Select regional store:
Secure your business from cyber threats this winter. Test your vulnerabilities now. Find out more
Sectors Retail, food, travel, hospitality and leisure sectors Cyber security in the retail industry

Speak to an expert

For more information or to discuss the requirements specific to your organisation, speak to one of our sector experts today.

Cyber security in the retail industry

Retailers have had little choice but to accept digital transformation. As consumers seek greater convenience when browsing and buying, interactions between retailers and their customers have had to change. This was initially with websites acting as shopfronts but now includes apps. Shopping is a mobile-first industry, and the first half of 2018 has seen the greatest number of shopping app downloads ever.

While this transformation is exciting – the IoT (Internet of Things), big data, robotics and AI (artificial intelligence) all have a role to play in retailing today – it also brings risks around data security. The more consumer data that is stored because of the increasingly connected way of selling, the more appealing the prospect of hacking to cyber criminals, and the more avenues they have to explore.

Retailers that want to ride the wave of opportunity while navigating around the potential storm of a data breach must take steps to protect their customers and their businesses from cyber crime. Do you know where to start?

The essential areas of focus

The PCI DSS (Payment Card Industry Data Security Standard) applies to any organisation that processes, transmits or stores cardholder data. Although the PCI DSS has existed since 2004, data breaches involving cardholder data still happen, and at an uncomfortable cost. Are you PCI DSS-compliant?

Find out more

The EU GDPR (General Data Protection Regulation) superseded the UK Data Protection Act 1998 on 25 May 2018. It extended the right of individuals to control how their personal data is collected and processed, and also placed a range of new obligations on organisations to be more accountable for data protection. Are you treating data the right way?

Find out more

Penetration testing is a controlled form of hacking in which ‘attackers’ operate on your behalf to find the weaknesses that criminals exploit. It is an effective way to determine the security of your networks and web applications. By identifying your ‘weak spots’, you can prioritise developments to stay one step ahead of the criminals.

Find out more

Staff awareness training is crucial, with the biggest security threat often being internal – employees can accidentally click on a phishing link or download malware by opening a rogue attachment. Cost- and time-effective e-learning can help with this, equipping staff with the knowledge they need at a time and place that works for you.

Find out more

ISO 27001 is the international information security standard. ISO 27001 certification equips organisations with the knowledge, procedures and processes to successfully manage information risks such as cyber attacks, hacks, data leaks and theft, helping to ensure that day-to-day operations can continue in the event of an attack.

Find out more

The NIS Regulations (Network and Information Systems Regulations 2018) apply to DSPs (digital service providers), such as online marketplaces, if they employ more than 50 people and/or have a turnover of more than €10 million. The Regulations came into force on 10 May 2018 and are enforced by the ICO (Information Commissioner’s Office). Are you prepared?

Find out more

Shop our range of cyber security solutions

We have created a special selection of products to help you. If you have any questions, email us and one of our team will get back to you as a priority.

EU GDPR Pathway Bundle

A comprehensive bundle of resources to help SMEs (small and medium-sized enterprises) confidently tackle the requirements of the GDPR and get on the pathway to compliance.

Find out moreShop all solutions

PCI DSS Online Course, Staff Awareness Edition

This interactive e-learning course is designed to increase employees’ awareness of the PCI DSS’s requirements and provide clear and simple explanations of what organisations and individual employees must do to meet the requirements of the Standard.

Find out moreShop all solutions

Cyber Security Pocket Guide Bundle​

Ideal for non-technical staff in all business functions, these quick and accessible guides discuss the perils of poor information and cyber security. Available in e-book and print formats.

Find out moreShop all solutions

PROTECT YOUR
BUSINESS
THIS WINTER