Across the UK’s top 50 retailers, 80% are now exposed to at least one form of critical cyber vulnerability, Retail Week can reveal.

New research from cyber risk specialists KYND found that 38% of retailers analysed face “critical risks” across five major threat categories.

The five categories are ransomware risk exposure, email security weaknesses, outdated software, vulnerable services and certificate issues.

Digital certificates are integral for ensuring secure online communication and protecting sensitive data.

KYND’s research found that, of the 50 retailers analysed, 80% had email security vulnerabilities, 72% had certificate issues, 70% had vulnerable services, 70% had outdated software, and 58% were exposed to ransomware risk.

Email security was found to account for 9,239 critical issues identified across the companies.

The research follows a spate of cyber attacks on many large retailers, starting with Marks & Spencer in April.

[Chart: Number of retailers exposed to each vulnerability]

Hackers then targeted the likes of the Co-op, Harrods, Louis Vuitton, and Adidas.

KYND chief executive Andy Thomas said: “Retailers hold enormous volumes of sensitive data and operate complex supply chains, so even a seemingly minor oversight – like an expired certificate or unpatched software – can quickly become an open door to attackers.

“These results are a wake-up call for the sector to focus on the fundamentals: visibility, prioritisation and proactive monitoring.

“Today, cyber risk is a board-level concern with serious financial, operational, and reputational implications. For retailers operating in an increasingly digital environment, managing cyber risk as a core business risk is essential to maintaining resilience and protecting long-term value.”

KYND is now urging businesses to tackle vulnerabilities with steps such as gaining full visibility of their digital infrastructure to understand risk exposure, addressing foundational weaknesses, and constantly evaluating cyber risks across partners and third-party suppliers.