With the holiday shopping season in full swing, retailers face an unprecedented wave of cyber threats targeting their operations, systems, and customer data. According to VikingCloud's 2024 Holiday Cyber Threat Survey, 80% of retailers have already faced cyberattacks this year, with most experiencing repeated incidents. As the holiday rush ramps up, 52% of retailers report they’re at their highest risk during these final months of the year.
Retailers are grappling with several key cybersecurity challenges, with workforce strains and seasonal vulnerabilities topping the list. A surge of temporary holiday hires, many with little cybersecurity training, creates new entry points for attackers. VikingCloud found that 78% of seasonal staff do not receive basic training on social engineering, and many lack safe internet usage guidance or phishing awareness. Joe Seidel, VikingCloud’s CEO, warns, “Cybercriminals know how to exploit this influx of untrained seasonal employees, making them an ideal target to breach retailers' digital systems.”
The holiday season amplifies retailers’ exposure to attacks like supply chain breaches, data theft, and denial-of-service (DoS) attacks. Retailers handling high volumes of payment transactions face particularly high risks, with supply chain attacks alone affecting 52% of companies. Retailers often have no choice but to shut down critical systems, such as point-of-sale (POS) devices, in an attempt to contain breaches, which can lead to significant operational disruptions and financial losses.
Business interruptions caused by cyber incidents are not only costly but also impact customer trust. With 53% of retailers reporting reputational damage after an attack, customers may feel uneasy about data security, potentially turning to competitors. Unfortunately, in a bid to protect their brand image, 44% of retailers report withholding incident details from the public, raising concerns about transparency and consumer safety.
To combat these heightened risks, VikingCloud advocates for robust cybersecurity strategies. Many retailers are turning to Managed Security Service Providers (MSSPs), like VikingCloud, to extend their internal cybersecurity capabilities during this critical period. MSSPs offer essential services such as threat detection, incident response, and compliance management. By outsourcing security functions, retailers can mitigate downtime and avoid potential losses without overburdening their teams.
Retailers generate up to a third of their annual revenue during the holiday season, making robust cybersecurity as essential as inventory and sales strategies. In the words of Seidel, “The holiday season is an all-hands-on-deck operation for retail, and that includes security.”
As cyber threats grow more sophisticated, a proactive approach to protecting digital systems and customer data is key to ensuring a successful holiday season and safeguarding brand loyalty in the year to come.