The retail industry is undergoing a significant transformation, as technological innovation drives change and alters the way retailers manage their operations and interact with customers. In addition to these, COVID-19 has significantly changed how retailers operate and interact with their customer base.
Omni-channel retailing – bricks and mortar stores, online sales and marketing channels, and mobile applications – is increasingly being adopted to optimise customer experience, allowing companies to remain competitive and relevant. This creates new points of exposure to access and impair critical systems, networks and compromises sensitive data. This also leads to a significant increase in the volume of payment transactions being processed and customer data being collected and stored.
The top incident breach for retailers in 2018 focussed on data theft1. Today, cyber-attacks have moved beyond data breaches to sophisticated schemes designed to cause significant disruption to businesses and supply chains. Ransomware attacks have also grown significantly, seeking to exploit vulnerabilities created by a large-scale move to hybrid working environments and greater use of online resources.
Why is this important?
A few case studies evidence the severe impact a cyber-attack can have on a retail business:
One of the largest outdoor clothing and equipment retailers in Australia and New Zealand reported that an unidentified third party had gained unauthorised access to its website and may have captured customer personal information and payment details during the period 8 January 2019 and 12 February 20192.
Hackers gained access to the personal information of at least 460,000 users of one of Asia’s largest retailers. Purchase history and parts of credit card numbers may have been accessed2.
Credit and debit card information for more than 45 million customers of a major retailer were infiltrated and used to make fraudulent purchases. The retailer estimated its expenses – including litigation and computer system updates – at more than USD250 million2.
The 2017 NotPetya malware attack significantly disrupted businesses around the world, including retailers. Estimated economic losses exceed $3 billion2.
This report from ARA Insurance partner, Marsh, provides insights into the cyber exposures facing retailers and information on the cyber insurance options available. Cyber insurance can help provide critical protection for direct loss and liability arising out of the operational use of technology and data, assisting retail companies in mitigating their exposure to cyber risk and successfully recover from a cyber-incident.
Looking for insurance and risk management solutions tailored to retail?
ARA Insurance is a unique insurance program for members harnessing the industry experience of the ARA and the risk management expertise of global leading insurance broker, Marsh.
As a member benefit, ARA Insurance members can receive a free 30 minute insurance risk consultation with Marsh. Premium members also receive a complete risk analysis report.
To access this benefit, or for further information, please complete this form and an ARA Insurance representative will contact you to schedule your consultation.