The cyber-attack on Marks & Spencer has sent shockwaves through the retail sector.
With operations disrupted for weeks, stock shortages, and customer data compromised, it's a stark reminder that cyber-crime poses a genuine threat.
But while M&S will weather this storm with their substantial resources, I'm deeply concerned about our independent retailers – smaller businesses are increasingly in the crosshairs of cyber criminals.
Why? Because fraudsters know that independents often lack the robust security measures of larger chains, seeing them as low-hanging fruit. This is the reality our members face.
One in seven retailers takes no steps to protect their data. Meanwhile, remote purchase fraud was £432.3 million in 2016, and the figure continues to climb. Perhaps most telling is that while 95 per cent of businesses consider cyber-security important, nearly half have no formal strategy in place.
For independent retailers, the stakes couldn't be higher. A successful cyber-attack can cause catastrophic cash-flow problems, irreparable damage to your reputation, and the permanent loss of customer loyalty. In a sector where 71 per cent of retailers place the highest value on their customers, protecting their data isn't just good business – it's a fundamental responsibility.
Some members tell me, "We're too small to be targeted" or "We don't sell online, so we're safe." Let me be clear: if you hold customer data for CRM purposes or process payments electronically – you have something cyber criminals want. In today's interconnected world, no business is too small to be noticed.
The most common attacks against our members come through deceptively simple means. Phishing emails claiming to be from HMRC or your bank can look startlingly genuine.
The good news? Protecting yourself doesn't require massive investment or technical expertise. The Cyber Essentials Readiness Tool is an excellent starting point, guiding you through the essential requirements with clear, actionable advice.
Andrew Goodacre
This is why Bira partnered with the Cyber Resilience Centres across England and Wales to provide members with expert support. This partnership offers tremendous value, including a free 30-minute review of your current cyber setup, access to resources from the National Cyber Security Centre, and regular updates on emerging threats.
Simple measures make an enormous difference. Train your staff to spot suspicious emails. Use strong, unique passwords. Keep your systems updated. Back up your data regularly. These basic steps significantly reduce your vulnerability.
The M&S breach should serve as a wake-up call. If a retail giant with extensive resources can fall victim, independent retailers must be especially vigilant.
For more information, search for cyber security in the resource section of the Bira website.
