Retail is a prime target for cyberattacks… but it’s time to fight back

This then led to the widespread adoption of MPLS and expensive data centre hosted firewalls, in order to optimise the flow of cross-site traffic and secure internet access.

The consistency and reliability of MPLS meant it proved a reliable connectivity solution for many years, but for retailers who looked to take their operations truly global, the cost and complexity involved in deploying and managing it across large numbers of sites became a significant limitation. It's no surprise that the software-defined networking model quickly established itself, with numerous retailers embracing the control, flexibility, and scalability of SD-WAN.

But retail is constantly evolving, and so is the security landscape. One just has to look at the range of recent high-profile cyber breaches hitting the headlines to see that, with a string of global brands suffering serious financial, reputational, and operational damage as a result of cyberattacks. In the aftermath of the breach Marks & Spencer suffered in April 2025, its share prices were significantly affected, with the firm estimating its losses as at least £300m. The same group of hackers (largely in their teens and twenties) later successfully targeting Jaguar Land Rover, which unfortunately led the company to make a number of employees across its supply chain redundant and close production lines worldwide.

The potential consequences of cyberattacks for any organisation are already well-documented, but the above cases highlight the extent to which retailers can be affected by a breach. Even if an effective DR strategy is executed and critical data restored, consumer and investor confidence will inevitably be affected, and any attempts to rebuild them will inevitably prove costly, with no guarantee of success. For example, when the Co-Op recently offered its members a £10 voucher after their data was stolen during an attack that left shelves at numerous shops sitting empty, its response was seen by many as inadequate, with one cyber expert arguing that consumers would prefer concrete reassurance that their data was secure.

And this is before we even consider the long-term consequences, such as increased insurance premiums, as insurers demand evidence that cyber security ecosystems are fit for purpose and will be continually updated in the future, or the potential for costly fines.

With all this in mind, the retail sector requires a new model of security that factors in the growing range of hidden attack vectors that bad actors are actively exploiting. So, let's consider how this would work in practice, beginning with the most recent steps of retail's digital journey...

Retail's underlying technology infrastructure has evolved exponentially over the years, with the physical security systems and underlying networks that we previously considered now forming individual elements of highly sophisticated, integrated systems, spanning in-person, online, and click-and-collect shopping experiences. In this new generation of retail technology, everything from POS systems to security cameras, sensors on shelves (both in warehouses and shop floors), digital signage, and Cloud-based SaaS applications are all linked together. But each of those connections forms a potential vulnerability that can be used to gain access to critical data.

It is important to bear in mind that such connections must not only be considered with the context of retailers' own corporate infrastructure. With the now ubiquitous nature of SaaS platforms across the sector and the highly interconnected nature of global supply chains, it is far too easy (and common) for bad actors to gain a 'back door' into corporate infrastructure by focusing on a third-party supplier or software platform.

Security ecosystems must therefore move away from traditional firewalls and endpoint protection (although these still remain key elements of any effective security posture) and ensure corporate security policies are consistently and automatically applied at the edge. This includes newer technologies - such as SIMs - that are increasingly utilised on the shop floor, as legacy systems are frequently able to accommodate them, requiring additional platforms to be integrated, with all the complications that entails.

Secure Access Service Edge (SASE) is the logical answer here, combining the networking capabilities of the SD-WAN platforms numerous retailers already trust with a comprehensive range of next-gen cyber security solutions - the best of modern connectivity and security in a single, unified platform. With a world-class SASE solution in place, retailers enjoy the control and scalability they have become accustomed to from SD-WAN, combined with a streamlined, intelligently automated security ecosystem that is able to accommodate the ongoing convergence of physical and digital systems, the interconnected shopping experiences customer expect, and the increasing complexity of the cyber threat landscape.

As the multiple breaches that have taken place throughout 2025 have shown us, an ironclad security posture is no longer optional for retailers and should be inherent in the design of all underlying infrastructure. If you would like to implement your own ideal SASE solution, just get in touch. Our team will work closely with you to ensure your infrastructure not only secures your critical data against the most sophisticated attacks, but provides the digital foundation for unforgettable experiences that keep your customers coming back again and again.