As the holiday season nears, most retailers are focused on how to best serve their customers during the busiest and the most profitable time of the year.

But not all is safe and sound. Cybercrime increases during the holidays, and numerous studies show that threats like ransomware have jumped by as much as 30% in recent years.

Cyberattacks are an enormous threat. Being hacked cost businesses an average of $200,000 in 2021.

The challenge for small- and medium-sized retailers  

Smaller retailers have vulnerabilities as a result of digitization and the increasing use of Internet of Things (IoT) devices. The same tools that allow smaller businesses to compete on things like customer experience, loyalty programs, e-commerce and fulfillment also create new potential threat vulnerabilities.

As an example, digital tools, like Point of Sale (POS) systems can be a double-edged sword. They enable start-ups and mom-and-pop stores to improve efficiency in automation, digital bookkeeping, and data mining. But they also generate troves of valuable data and integrate with third-party APIs, like online order platforms, creating opportunities for data to leak or be stolen by cybercriminals.

These attacks can be crippling. Recent studies show that nearly 40% of small businesses lost crucial data due to a cyberattack, while three-quarters said they could not continue operating if they were subject to ransomware. Half that fell victim to ransomware reported paying the money out of pocket.

Digitization benefits outweigh the risks and allow businesses to focus on providing exceptional service and making customers happy. Every touchpoint needs to be protected and it needs to be done without creating friction in the customer experience. If there are too many obstacles, employees will start to find workarounds or customers will wind up shopping somewhere else.

How to get the right protection during the busiest time of the year

Cyberthreats evolve constantly and protections that used to be sufficient, like firewalls or intrusion detection, are no longer adequate. 

There are several precautions small retailers can take to reduce the chances of a catastrophic breach. In addition to basic best practices — ensuring all software is up to date; conducting regular security training for employees; establishing a VPN (virtual private network); and requiring two-factor authentication and regular password changes — retailers should consider employing the services of an outside expert.

Outside vendors, who are up to date on the most recent threats and upgrade their capabilities as the threat landscape evolves, are a great resource to secure your networks. Nowadays, managed security service providers (MSSPs) offer solutions tailored specifically to the needs and budgets of small and mid-sized retailers.

Some of the services include:

• Managed detection and response (MDR), in which a team of experts constantly monitors your networks and cloud environment
• Endpoint detection and response (EDR), which looks for suspicious behavior on end-user devices
• Secure Access Service Edge (SASE), a comprehensive set of security services offered via the cloud
• Unified threat management (UTM), which combines multiple security services, like antivirus, firewalls, and intrusion detection

All these services help protect against common threats, like skimming payments, malicious code insertions penetrating your network and stealing data, or distributed denial-of-service (DDoS) attacks shutting down commerce and often requiring ransom payments to stop).

A security vendor can identify or proactively prevent a threat before it becomes critical. It can also help small retailers automate compliance and reporting requirements, freeing up the business to focus on customers. And, critically, as businesses, networks, and threats evolve, a security vendor can keep the systems updated, reducing or even eliminating the need to hire internal cybersecurity talent.

Global cyberattacks grew by 38% in 2022, and there is no reason to think criminals’ efforts will diminish this year. By following best practices and partnering with a security vendor, retailers can protect their business, build trust with customers, and scale to meet the ongoing and changing needs of the market during the busiest shopping season of the year.