// The new Cyber Resilience Toolkit for Retail from the BRC aims to counter cyber attacks in retail
// National Cyber Security Centre also supports the toolkit
// Last year, retailers spent £186 million on cyber security
A new cyber security toolkit for retailers has been launched, aimed at helping them take steps to reduce the threat of a successful online attack.
As part of its strategy to increase cyber resilience amongst retailers, the BRC worked alongside experts at the National Cyber Security Centre (NCSC), a part of Government Communications Headquarters, to develop the toolkit.
The Cyber Resilience Toolkit for Retail is an actionable guide specifically designed for non-cyber experts across retail, such as board members, those in senior strategic roles, and start-up businesses.
- Shopworkers facing abuse from revellers leaving pubs at 10pm – union
- Government urged to “investigate growing problem” of crime against shopworkers
- Study reveals change in triggers for abuse against shopworkers during Covid
It highlights the threats faced by retailers, key questions to consider when developing cyber resilience strategies, and guidance on the types of protections retailers should implement.
The toolkit also outlines recommended actions for retailers in preventing breaches through stronger protections, preparation to mitigate the impact of a successful breach, recovering after a cyber attack, and developing and embedding a positive cyber resilience culture at board level.
The BRC said UK retail has one of the most advanced digital offerings of any industry, making it one one of the most targeted in cyber attacks.
In addition, retailers spent £186 million in the past year on deploying cutting-edge systems to protect customers and prevent future breaches.
Furthermore, processes across the supply chain are being rapidly digitised and automated: from ecommerce, cloud systems and shift patterns to payroll and procurement.
Greater dependence on these technologies has brought more cyber risk and hackers are becoming increasingly sophisticated in their tactics.
The BRC said it was crucial that retailers remain vigilant and adhere to necessary security protocols to combat these emerging threats, especially since there has been a huge shift to online shopping since the start of the coronavirus pandemic.
In May 2020, online retail sales counted for almost a third of all retail sales (32.8 per cent), a significant increase from 18.8 per cent a year earlier.
“In recent months, the use of technology in the retail industry has evolved as retailers adapt to new consumer habits and the challenges of the pandemic,” BRC chief executive Helen Dickinson said.
“Last year, retailers spent over £186 million on cyber security, but the growth in online selling means there is an increasing threat of new cyber breaches and sophisticated hacking techniques.
“As a result, retailers need to ensure their systems are watertight and up to date.
“This toolkit, developed with the input of the National Cyber Security Centre, will ensure all retailers, no matter their size or level of cyber expertise, are well-equipped to face the challenge of cyber security.
“This is yet another example of the BRC supporting retailers through the ongoing digital transformation.
“Furthermore, consumers must also play their part, and more must be done to educate the public on basic cyber hygiene so that they are able to browse and shop safely.”
National Cyber Security Centre technical director Dr Ian Levy said: “We want to keep shoppers’ data, identity and privacy safe, and to ensure that the retail sector is well equipped to face the cyber challenges associated with an ever-more digital world.
“The new BRC toolkit has been written in a way that is clear and concise so that it can be understood by retailers and those with a cyber specialism.
“I urge all key-decision makers in the industry to familiarise themselves with the toolkit and act on it.”