Retail Cybersecurity

Cybersecurity to guarantee your business continuity


The future of retail is digital – from hybrid working to cloud-powered online experiences. Some interesting trends are dual market positioning, a better shopping experience and attention to well-being and health. This will probably largely determine the success of the supermarkets and larger retailers of the future. Increasing digitization and using data to ultimately make the right choices are becoming increasingly important.

Although investments in IT modernisation help to improve the digital infrastructure and services, this also creates challenges. The attack surface – the collection of applications, websites, cloud infrastructure, on-premises servers, and operational technology (OT) – grows and can be targeted with all kinds of disruptive methods, such as ransomware or cyberattacks.

  • According to a report, retail has one of the highest rates of ransomware attacks: 77% of retail organizations were hit by ransomware in 2021, up from 44% in 2020.
  • Ransomware and online credit card skimming are examples of cyberthreats to retail businesses. The Magecart group has been observed targeting everything from online shops to hotel booking websites and even US local government services to steal customer payment information.
  • According to our report, 71% of retail IT and business leaders are concerned with the size of their digital attack surface. Over a quarter (27%) say they’re “very concerned” and 40% argue that the attack surface is spiraling out of control.

How to manage cyber risk and the attack surface as a retail company

Hear from our customer Wayfair

Key cybersecurity challenges for retail

Omnichannel expand_more


Many retailers use an omnichannel strategy. Consumers or suppliers enjoy one unified experience, one price, one delivery time, etc. In addition, combinations between channels are actively encouraged, because the various channels have different characteristics with associated benefits.

In retail, suppliers have many ways to communicate with a retailer’s network and many channels to communicate with customers. This provides more opportunities for cybercriminals to exploit vulnerabilities, enter the network and steal information. Retailers should regularly monitor their network activity for signs of unusual activity or unauthorized access. Retailers with omnichannel strategy need a cybersecurity platform that is based on technologies and features that relies on prevention, detection, response capabilities to incidents.

Guaranteeing business conitnuity expand_more

Guaranteeing business conitnuity

Business continuity is an important topic as retailers need to sell large volumes in order to make profit and to stay in business. Ransomware attacks and Credential phishing are a significant risk, as they can disrupt critical business operations and prevent or limit users from accessing their systems. Cybercriminals use ransomware to encrypt company data and demand payment in exchange for the decryption key, which can be a costly and time-consuming process to resolve. The financial impact can be huge if a web shop is experiencing downtime even for a few hours. In addition, customers will probably also look for other platforms to get their products. It is unsure if they will come back after the downtime is resolved. Therefore, data security is essential.

Complex IT and OT infrastructure expand_more

Complex IT and OT infrastructure

Retail companies must secure a widely distributed, large and complex IT landscape, including cloud services, distribution centers, networks, contact with suppliers and checkout systems in various stores. Their networks are very complex, and all these points of entry must be managed and secured. Apart from the ‘traditional’ IT landscape, retailers also have webshops, warehouses, sorting machines, cash registers, digital payment systems, IoT devices, distribution, etc. adding Operational Technologie (OT) to the equation. The digital attack surface increases – often faster than the ability to map and secure it. According to our research, 39% of the respondents describe their attack surface as “constantly evolving and messy.” Furthermore, the biggest challenge in managing the digital attack surface is keeping up to date with constant change (40%).

Since retail operations heavily rely on systems like inventory management, point-of-sale terminals and supply chain management, a breach or disruption can lead to downtime, financial losses, and negative customer experiences. OT security helps ensure business continuity and minimize potential disruptions.

Supply chain attacks expand_more

Supply chain attacks

The risk of a supply chain attack is growing because of all the links between your network and the network of external suppliers. If a supplier doesn't have proper security in place, your own network is in danger of being attacked. Besides multiple suppliers, retail businesses often also rely on third-party vendors, partners and logistics systems for various services, such as payment processing, supply chain management and customer support. These vendors may also introduce cybersecurity risks. Supply chain attacks present attackers with an opportunity to multiply profits by infecting many organizations through a single supplier. Ensuring the security of these interconnected systems is crucial to prevent supply chain disruptions, counterfeiting, and unauthorized access to sensitive information. It is critical to implement robust security measures, for example by implementing a zero trust model.

Limited visibility expand_more

Limited visibility

The network is the foundation of your IT environment, connecting users, devices, applications, and your overall network assets. But organizations don’t always have the right tools to gain visibility into all their assets. This is critical to prevent cyber-attacks and ensure business continuity, because you can’t protect what you do not see. 54% of the retail IT and business leaders admit they have blind spots in trying to secure their attack surface. Do you want to have more visibility into threats?

Matas securely achieves digital transformation and online sales expansion

Matas, the largest health and beauty retailer in Denmark, operates a chain of 263 drug stores across the country. After many years operating solely as a brick-and-mortar company, Matas launched a digital business in 2010. This digital expansion includes Club Matas, the largest customer loyalty program in Denmark, with more than 1.6 million members. To ensure that its customer data and systems are protected as their business continues to evolve, Matas relies on Trend Cloud One, Managed XDR and TippingPoint. Thomas Grane

CIO/CHRO, Director of Technology and Organization, Matas: “I like to be ahead of the game, so as a company we think about security early on. Trend Micro fits into that strategy well with their constant innovation.”

Get ready for NIS2

An updated version of the Network and Information Security (NIS) directive will be implemented starting in 2025. Under NIS2 directive, certain retail areas are also included as they provide essential services to society such as food production, processing and distribution. This will have a huge impact on the retail sector and its supply chain, as the security regulations will touch all critical services. To be compliant, your organisation will need a variety of measures such as detection & response, awareness training and remediation plans.

To help you prepare, read this blog on NIS2 and the implications for your organization.

Why Trend Micro as partner for cybersecurity retail?


We work with many large retailers, such as Matas, and help them overcome their cyber security challenges on a daily basis, preparing them for the latest and most advanced attacks.

Full portfolio

Solutions can be combined or used as standalone services, allowing you to build according to budget, time and needs.

Global leader

Our Zero Day initiative puts us in the first line of detection, with 64% of all vulnerabilities disclosed by Trend Micro.

Discover our solutions

Trend Vision One

Simplify security operations with purpose-built extended detection and response (XDR), attack surface management capabilities, and dynamic zero-trust tools. Our solution not only collects security information from the entire IT environment, but also automatically correlates and prepares it to produce actionable alerts. 

NDR (Network, Detection & Response) offering

Are you prepared for possible supply chain attacks? Trend Micro Network Security delivers network detection and response (NDR) to analyse contextual telemetry from high-risk, otherwise invisible parts of networks to make organizations more resilient to threats and attacks.

Let's talk!

Are you ready to take your organization's cyber security to the next level and safeguard your production process? Book your demo or schedule a 15-minute speed date where we explain how Trend Micro can assist you based on your needs.