THE RETAIL BULLETIN - The home of retail news
Lest we forget
HOME
RETAIL NEWS
RETAIL EVENTS
Fashion
Department Stores
Shopping Centres & Retail Parks
Home & DIY
Electricals
Health & Beauty
General Merchandise
Entertainment
Sports & Leisure
Retail Solutions
Food & Drink
Interviews
RETAIL INSIGHTS
RETAIL SOLUTIONS
ABOUT US
CONTACT US
SUBSCRIBE FOR FREE
Cybercrime: A growing threat to retailers

Retailers are becoming increasingly susceptible to the growing threat of 'cybercrime' - the use of computer technology to commit illegal offences, usually with the aim of obtaining a pecuniary advantage. By Joseph Jackson, Bird & Bird LLP

GENERAL MERCHANDISE

Cybercrime: A growing threat to retailers

Retailers are becoming increasingly susceptible to the growing threat of 'cybercrime' - the use of computer technology to commit illegal offences, usually with the aim of obtaining a pecuniary advantage. By Joseph Jackson, Bird & Bird LLP

In August, the Cabinet Office announced that 93% of large corporations and 87% of small businesses in the UK suffered a cybersecurity breach in the last year. Considering that these figures only address reported cyber-attacks, the scale of the problem is certainly a cause for concern. Retailers should be aware of this threat and the legislative measures currently being considered on cybersecurity in Europe. 

The impact of cybercrime
Estimates of the annual global cost of cybercrime range from £44 billion - £253 billion, with the British Retail Consortium estimating the cost to the UK's retail sector as £205.4 million.

Retailers that have experienced a major cyber-attack will be aware of the damage that can be caused. Business interruption, theft of trade secrets, misappropriation of finances, loss of customer data and damage to reputation are all risks for retailers with inadequate cyber resilience.

New regulation?
Policymakers in Europe are currently considering laws that would set a common standard of network security. In February this year, the European Commission published a draft Directive on cybersecurity ("the Directive") which includes the following key proposals:

*Certain businesses and organisations would be required by law to take appropriate technical and organisational measures against cyber risk and report incidents that have a 'significant impact' on their core services. This could apply to some retailers – see 'Will the Directive affect Retailers?' below.

*EU Member States would be obliged to adopt a national strategy on cybersecurity, establish a national authority for monitoring compliance with the Directive and set up a 'Computer Emergency Response Team' to assist in monitoring and handling cybersecurity incidents.

*Processes would be established to facilitate the exchange of best practices and early notification of cyber-incidents between Member States. The Directive also envisages Member States agreeing coordinated responses to cyber-attacks.

Will the Directive affect Retailers?
Early indications suggest that retailers with an online sales presence may be in the Directive's cross-hairs. It is envisaged that the Directive will not be applied to so called 'microenterprises' - businesses with fewer than ten employees and with an annual turnover of €2 million or less – though businesses to which this exemption applies may still find themselves having to comply with the Directive as obligations are flowed down through their supply-chain.

The future
Whilst implementation of the Directive appears some way off, retailers should be aware that their businesses could be subject to regulation on cybersecurity in the future. To the extent possible, retailers should consider 'future-proofing' their security processes against the impact of future regulation, at a technical operational and legal level by taking expert advice.

Finally, the retail sector as a whole should consider whether it can help shape the outlook of future regulation on cybersecurity. Member States are currently consulting on the implementation of the Directive and it may be that retail organisations can use this opportunity to feedback on the proposed legislation.

Email this article to a friend

You need to be logged in to use this feature.

Please log in here

Subscribe For Retail News

RETAIL EVENTS

The Retail Design Seminar 2018
The Retail Design Seminar 2018
14 November 2018
The Cavendish Conference Centre
The Retail Design Seminar 2018
Omnichannel Futures Conference 2019
Omnichannel Futures Conference 2019
6 February 2019
Cavendish Conference Centre, London WG1 9DT
A truly omnichannel offering requires an understanding of customer behaviour across all shopping channels and how this should impact your overall business strategy
Customer Engagement Conference 2019
Customer Engagement Conference 2019
5 June 2019
Cavendish Conference Centre, London W1
The 10th Annual Retail Customer Engagement Summit
AI in Retail Conference 2019
AI in Retail Conference 2019
18 September 2019
Cavendish Conference Center, 22 Duchess Mews, London W1G 9DT
Retail marketing is changing pace rapidly by making communication across all platforms personalised, relevant, efficient, and helpful. AI not only helps shoppers find a perfect product but also pre-empts the shopping behaviour and speeds up payment.
The HR Summit 2019
The HR Summit 2019
Tuesday 8 October 2019
The Cavendish Conference Centre, London W1
The 11th HR Summit 2019, The Cavendish Conference Centre, London W1, 8 October 2019