Retailers are underprepared for holiday cyberattacks

Retail companies are burdered with a lack of preparedness and confidence in data backup and recovery strategies, raising concerns about the industry’s readiness to protect sensitive customer and business data, research from Arcserve reveals.

Dimensional Research surveyed  1,121 IT decision-makers for data management, data protection, and storage solutions at companies with 100 to 2,500 employees and at least 5 TB of data. 

The survey was fielded in Australia, New Zealand, Brazil, France, Germany, India, Japan, Korea, the United Kingdom, the United States, and Canada.

Findings show that 54% of retail executives surveyed said they were targeted by ransomware in the past 12 months. A quarter (26%) of the attacks resulted in compromised data, and a quarter confirmed paying ransom.

Two-thirds (66%) of retail executives surveyed were not very confident in their ability to recover all lost data in the event of a ransomware attack.

Nearly half (42%) of retail executives admitted being unable to recover all data during their last significant data loss incident.

Close to three-fifths (57%) reported they lack well-documented or updated disaster recovery plans. Close to three-quarters (72%) revealed that they do not have specific data resilience goals within their data and backup strategies.

Aftab Alam, chief product officer at Arcserve, said retailers must urgently overhaul their disaster recovery plans to match the ever-evolving cyberthreat landscape. 

“Data resilience is a non-negotiable business requirement with clear, measurable objectives,” said Alam. “Don’t wait for a crisis to test your recovery protocols; make it a regular practice, akin to a fire drill.”

Arcserve recommends three immediate steps for retail organisations to be better prepared.

First, review and update disaster recovery plans. Second, invest in data resilience. And third, test recovery procedures.