Retailers are once again in the cyber spotlight for all the wrong reasons. With today’s news that The North Face and Cartier have become the latest high-profile victims of cyberattacks, it is increasingly clear that the retail sector is facing a relentless digital siege. This follows a string of incidents affecting household names such as Marks & Spencer, leaving a trail of financial loss, operational disruption, and reputational damage.
The weak link: confidence without resilience
In a comment to 4i Magazine, Glenn Akester, Technology Director for Cyber Security & Networks at IT service provider Node4, offers a sobering assessment of why these attacks are succeeding — and what must change if retailers want to stem the tide.
“North Face and Cartier are the latest victims in the recent spree of cyberattacks targeting retail businesses,” Akester says. “These attacks have already caused significant damage to industry giants like M&S, and, although Node4’s recent research found that the majority (92%) of mid-market organisations are confident when it comes to preventing and responding to attacks, these latest hits suggest that many retailers still lack the resilient cybersecurity foundations and operational readiness needed to withstand this new breed of threat.”
The troubling pattern emerging in these cases is not one of highly sophisticated technical exploits but of simple, well-orchestrated intrusions that exploit human vulnerabilities and systemic complacency. Akester explains:
“Worryingly, many organisations still operate on the outdated assumption that anything inside their network is safe, and only the perimeter needs defending. However, this model falls apart the moment an attacker gets hold of legitimate credentials.

“And that’s exactly what’s happening. Today’s attacks aren’t elite, technical hacks. They’re fast, persuasive and often alarmingly simple. Attackers are utilising a number of low-effort techniques, such as social engineering attacks that convince employees to provide login details or approve MFA requests, hijacking valid login sessions or using leaked details obtained through past data breaches. None of these require ‘hacking skills’ in the traditional sense. They’re about slipping through the cracks – or tailgating through the front door someone else has opened.”
This evolving threat landscape should serve as a wake-up call. While many retailers continue to check compliance boxes and adopt a tools-driven security mindset, they neglect the more critical need for cyber resilience — the ability not just to prevent breaches but to detect, contain, and recover from them rapidly when they occur.
As Akester rightly argues:
“It’s time to stop thinking about cybersecurity as a checklist of tools and start thinking about it as a resilience strategy. Building resilience means assuming that something will get through eventually, and making sure your business can detect it, contain it, and recover quickly. This starts with understanding your risk surface, continuously monitoring for threats, testing and simulating attacks, and finally, having a clear and effective response plan.”
Why retail?
The retail sector remains an attractive target for cybercriminals for several reasons: vast volumes of customer data, rich transaction histories, sprawling supply chains, and complex third-party integrations. Moreover, in today’s hypercompetitive market, any disruption in service or erosion of customer trust can have outsized consequences.
The path forward
For retailers, the choice is clear: evolve or risk extinction. Resilience must become the watchword. Cybersecurity strategies must encompass employee education, continuous threat intelligence, proactive red-teaming, and robust incident response capabilities — all while aligning with the business’s broader risk management framework.
In the words of Glenn Akester, it is no longer a question of if an attack will happen, but when. And the best-prepared retailers will be those who recognise that cyber resilience is not an IT issue — it is a boardroom imperative.