- The way forward for retail cybersecurity: Discover insights from 220 retail executives on managing AI-driven threats and shutting the cyber resilience hole.
- 44% of retail organizations report a pointy improve in cyberattacks, underscoring the pressing want for stronger cybersecurity defenses throughout the sector.
- 34% of shops skilled a knowledge breach previously 12 months, revealing the persistent vulnerabilities in retail cybersecurity methods.
The final 12 months has seen the retail sector fastened squarely within the sights of menace actors, as a number of of the most important assaults concerned a number of of the world’s greatest identified retail manufacturers, together with Harrods, Marks & Spencer, and Victoria’s Secret.
The 2025 LevelBlue Futures Report: Aligning Cyber Resilience and Enterprise Targets within the Retail Sector gives context for these assaults, with 44% saying they’re experiencing a considerably greater quantity of assaults and 34% of shops surveyed noting that their group actually suffered a breach within the final 12 months.
These figures are from a worldwide survey of 220 retail executives carried out by LevelBlue earlier this 12 months. The intent was to uncover whether or not retail organizations are incorporating enterprise-level cyber resilience methods and to find out their main cybersecurity issues shifting ahead.
The survey revealed a curler coaster trip of solutions with retailers expressing each confidence of their capability to repel sure sorts of assaults and concern over being unprepared for others.
The AI Conundrum
The survey made it clear that retail executives are involved about and anticipate AI-powered assaults to happen. Displaying an odd dichotomy, 49% of these surveyed mentioned they’re extremely or very extremely competent at defending themselves in opposition to AI-based assaults, however solely 25% go on to say they’re ready to take care of such incidents.
Maybe reflecting their potential overconfidence of their capability to defend in opposition to AI assaults, 52% replied that they’re extremely or very extremely competent at implementing and utilizing AI to reinforce cybersecurity. The overwhelming majority are so assured of their capability to implement AI-powered safety that solely 32% are reluctant to implement AI instruments and applied sciences due to potential related cybersecurity ramifications.
Alignment for Success
The necessity for cybersecurity groups to combine with the group’s traces of enterprise is beginning to achieve traction, with 44% of the surveyed saying they’ve successfully aligned enterprise threat appetites with cybersecurity threat administration. That is aided by the truth that 49% of the executives famous that communication channels between cybersecurity and line-of-business groups are efficient.
This degree of alignment falls off in terms of implementing safety measures with new initiatives, as solely 37% allocate a cybersecurity funds to new initiatives from the start, which is considerably decrease than the worldwide common of 46%.
A Cybersecurity Tradition Hole
It’s effectively understood that creating an surroundings through which all staff perceive they’re an integral a part of their agency’s cybersecurity structure is crucial to constructing a powerful safety tradition. Sadly, the survey discovered solely 40% say they’ve an efficient company-wide cybersecurity tradition.
One avenue to think about for bettering this determine could be utilizing exterior experience to reinforce their workforce’s cybersecurity measures. Nevertheless, solely about one-third have engaged exterior assist for coaching and consciousness previously 12 months, and this determine will not be anticipated to vary within the coming years.
These are just some of the handfuls of matters coated within the 2025 LevelBlue Futures Report: Aligning Cyber Resilience and Enterprise Targets within the Retail Sector. The report presents a complete look into how retailers are responding to escalating cyber threats.Â
Obtain the total report back to discover the whole survey knowledge, insights, and proposals shaping the way forward for retail cybersecurity.
The content material offered herein is for basic informational functions solely and shouldn’t be construed as authorized, regulatory, compliance, or cybersecurity recommendation. Organizations ought to seek the advice of their very own authorized, compliance, or cybersecurity professionals concerning particular obligations and threat administration methods. Whereas LevelBlue’s Managed Risk Detection and Response options are designed to assist menace detection and response on the endpoint degree, they aren’t an alternative choice to complete community monitoring, vulnerability administration, or a full cybersecurity program.
