Cybercrime has increased significantly since 2020 when online shopping and working from home exploded. At the rate things are going, ransomware will cost its victims around $265 billion annually by 2031, Cybersecurity Ventures predicts, with a new attack (on a consumer or business) every 2 seconds as ransomware perpetrators progressively refine their malware payloads and related extortion activities. The dollar figure is based on a 30 percent year-over-year growth in damage costs over the next 10 years.
Retailers are collecting an enormous amount of consumer data, and as that repository grows, it becomes even more attractive to cybercriminals. Additionally, physical stores are full of connected devices, including cash registers, mobile computers, and kiosks, often linked to a wireless LAN. As a result, retailers have been the victims of increasing malware, ransomware, and phishing attacks that have compromised millions of customers’ data. These attacks also damage retail brands and result in substantial financial losses.
For MSPs with retail clients, the increase in ransomware attacks making headlines highlights both their own vulnerabilities and the unique risks in the retail industry, given the large amount of payment and consumer data moving around. So, how can MSPs help these clients remain secure and respond appropriately when there’s a breach? There are a few best practices that can help.
Retail clients should have a data breach plan. When a breach occurs, time is of the essence, both in stopping the attack and alerting customers. Therefore, retailers should have a detailed plan outlining stakeholder responsibilities, attack mitigation strategies, how to recover and restore data, manage the event, report the breach to the public, and notify customers whose data may have been compromised. Additionally, they must identify key personnel in IT, legal, risk compliance, marketing, and other divisions involved in the response. Establishing a plan before a data breach will save time and avoid confusion when an actual attack occurs.
Provide robust backup and data recovery services. A ransomware attack can go from inconvenient to critical if the retailer cannot recover its data. Make sure that retail clients frequently back up the data in their network and have a recovery plan that includes regular testing to ensure it works.
Help clients with post-attack forensics. Any breach (or breach attempt) should be thoroughly investigated and documented. This process will help retailers provide information to their customers, regulators, or other parties and help adjust the response plan for future incidents. MSPs can also help connect retail clients with forensic specialists to assist with investigations.
Prepare for the post-breach response. Retailers should already have relationships with vendors that can help with customer response should data be compromised, including mass mailing services, credit reporting services, and response hotlines. There should also be a crisis communication plan. Many companies want to wait until they know all the facts before going public, but this can compound the damage from the breach. Instead, retailers should be as transparent as possible as they work to mitigate the damage, investigate the source of the breach, and help consumers recover.
Guide retailers on managing, storing and deleting data. While retailers have gotten better at collecting consumer data, they don’t always follow best practices when storing it or determining what data they need to keep. Retailers that have been in business for decades may have sensitive customer data stored in legacy systems that don’t meet current security standards. MSPs can help those clients remain secure by mapping current data, evaluating what’s necessary to retain, and ensuring the data is properly protected. Try to minimize the amount of stored customer data to the bare minimum. The less data in the system, the less damage a breach will cause.
Help clients with partner due diligence. Retailers also frequently utilize third-party providers for payments, customer relationship management, and other services that could create vulnerabilities. Make sure retailers do their due diligence to ensure these vendors and partners are also compliant with industry security standards.
Provide adaptive security tools designed to protect against current and future attacks. Make sure that retail clients are making use of the most up-to-date security strategies and technologies, including security-centric remote monitoring, multifactor authentication, encryption, a zero-trust strategy, artificial intelligence, and network segmentation. MSPs also need to make sure their own house is in order to avoid a cascading series of attacks similar to those we have experienced recently.
Now that retail is in full swing, they need to remain vigilant regarding the rapidly increasing number of cyberattacks they face. MSPs can provide critical services and assistance in protecting data and responding to breaches when they occur. 
