Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Career Intelligence
    • Cyber Tactics
    • Cybersecurity Education & Training
    • Leadership & Management
    • Security Talk
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Interactive Spotlight
    • Photo Galleries
    • Podcasts
    • Polls
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementTechnologies & SolutionsSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceCybersecurity NewsRetail/Restaurants/Convenience

The role of cybersecurity in helping retail open post-COVID-19

By AJ Dunham
Hacktivist
September 10, 2020

Retail businesses have arguably been one of the industries hardest hit by the current COVID-19 pandemic, with layoffs across the industry and multiple large retailers declaring bankruptcy in the past few months. 

The pandemic has redefined what it means to be a resilient business, especially when it comes to retail. “Essential” businesses that have remained open, such as supermarkets or pharmacies, have had to figure out how to operate safely in this new world. Meanwhile, many retailers around the world have had to close their doors, are trying to understand the changes needed to re-open physical stores, and in many cases build an online presence.

No matter the type of retailer, the importance of cybersecurity hasn’t gone away. If anything, it becomes more important as a cyber disruption could be the fatal final straw for a business looking for a smooth return to operations and maintain its brand image and reputation.

One challenge that retail organizations face is that their environments are flooded with internet-connected devices. While this is not unique to the retail sector, the benefits of sensors and connected devices to enhance the in-store experience has led to a much higher ratio of devices to people in this sector. A typical retail environment has a device to people ratio of 5:1, meaning that for every 100 employees there are approximately 500 devices that need to be secured and managed.

While these devices, such as self-scanners or point of sale (POS) systems, can enhance the customer experience, they can also create serious challenges for the IT and security teams. Not only does the sheer volume of Internet of Things (IoT) and operational technology (OT) devices vastly increase the attack surface for an organization, but many of these devices also rely on vulnerable underlying software and hardware components that can also increase risk and be particularly difficult to fix.  

What steps should retailers take to ensure that cybersecurity doesn’t get left behind in the opening process? When it comes to securing connected devices in retail environments, the foundational place to start is to increase device visibility. This gives an organization certainty around how many devices are on the network, where they are, and an understanding of their overall security posture.

From that foundation, an organization can more confidently implement a cybersecurity strategy to reduce risk from those devices. For instance, an organization can consider tools like network segmentation, which allows security teams to have greater control over what parts of the network devices have access to. Network segmentation is particularly applicable to retail environments, as IoT devices like POS systems typically run embedded operating systems, which can make patch management a manual process. Patching also requires change control windows and, if not done correctly, can cause unplanned system downtime.

More significantly perhaps, network segmentation can also prevent the lateral movement of an attack across the network. In practice, this could mean preventing hackers accessing sensitive corporate or customer information or limiting the scope of a ransomware attack. Both of these events could be catastrophic for a retailer in the midst of returning from a pandemic, when customer safety - both physical and digitally - is more important than ever.

Another consideration is to look at retail cybersecurity as a team sport. Historically, the retail industry tends to be less forthcoming when it comes to sharing cybersecurity learnings, largely due to the competitive nature of the business. However, lack of collaboration across peers can lead to slower progress across the industry overall. Boden, a large U.K. fashion retailer, shared some of their key learnings which might help others navigate this tricky landscape.

Retailers undoubtedly face an uphill battle when it comes to assimilating to their “new normal” post-pandemic. While the future remains uncertain for many around the world, by combining a more holistic view to device management and security with industry collaboration, retailers can at least limit one risk factor of many that will be affecting their businesses during this difficult time.

KEYWORDS: COVID-19 Internet of Things (IoT) Point of Sale hacking retail security

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Dunham headshot

AJ Dunham is Principal Systems Engineer at Forescout Technologies.

 

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Cyber tech background

    Security’s Top Cybersecurity Leaders 2026

    Security magazine’s Top Cybersecurity Leaders 2026 award...
    Cybersecurity
  • Iintegration and use of emerging tools

    Future Proof Your Security Career with AI Skills

    AI’s evolution demands security leaders master...
    Security Education & Training
    By: Jerry J. Brennan and Joanne R. Pollock
  • The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report surveys enterprise...
    The Security Benchmark Report
    By: Rachelle Blair-Frasier
Manage My Account
  • Security Newsletter
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

Hand reaching up out of the ocean

What I Learned About Burnout the Hard Way (and How to Actually Fix it)

Broken wet floor sign

Why Response Time Is Becoming the Missing Metric in Workplace Safety and Security

Paparazzi

When Private Events Become Public Infrastructure: What Celebrity OSINT Teaches Security Leaders

Cyber Tactics

AIBOMs: Bringing AI Security Out of the Shadows, A Practical Guide for Security Professionals

Medical professional

Nearly 85% of Nurses Experienced Workplace Violence in the Last Year

Kaseware sponsored webinar
Schneider Electric sponsored webinar

Events

August 25, 2026

Critical Infrastructure Security Is National Security: Protecting Essential Operations in an Era of Escalating Risk

LIVE: August 25, 2026 at 2 PM EDT Learn why critical infrastructure security has become a national security imperative, and the strategies organizations can adopt to improve visibility, collaboration, and response across their security operations.

August 27, 2026

Leveraging AI & Mobility to Advance Your Security Domain

LIVE: August 27, 2026 at 2 PM EDT Explore how AI-driven cloud security solutions can elevate your security domain enhancing threat detection, streamlining operations, and delivering the resilience modern organizations demand.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products


Alertmedia sponsored webinar

Related Articles

  • ITprofessional-enews

    Redefining the Role of a Cybersecurity Professional

    See More
  • SEC0819-Cyber-Feat-slide1_900px

    The enterprise imperative of cyber resiliency post-COVID-19

    See More
  • computer

    How to mitigate critical cyber risks in a post-COVID-19 environment

    See More

Related Products

See More Products
  • facility manager.jpg

    The Facility Manager's Guide to Safety and Security

  • The Database Hacker's Handboo

See More Products

Events

View AllSubmit An Event
  • June 3, 2026

    The Role of AI and Video in Measuring Health, Safety, and Security Standards

    ON DEMAND: OSHA fines grab headlines, but most compliance issues start with everyday operational gaps: missed protocols, unsecured areas, or slow response. Learn how emerging technologies & AI can be leveraged towards more proactive compliance.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • Newsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing