The survey, published today, was drawn from retail respondents who collectively control 11,000 stores and £103 billion in turnover across the UK.
Retailers spent 17 percent more on cybersecurity in 2018 than the year before. Some £162 million was directed towards this form of protection compared to £139 million one year earlier as nearly 80 percent of the retailers surveyed for the annual Retail Crime Survey said they had seen an increase in the number of cyber attacks.
The BRC said this year’s sample group has a slightly higher proportion of online retailers, reflecting the broader industry trends of growth in digital commerce.
According to the report, phishing is viewed by virtually all respondents as a high-risk type, as is data theft. Conversely, spoofing and doxing are seen as low-risk types of cybercrime.
Clare Gardiner, director of engagement at the National Cyber Security Centre (NCSC), said: “The NCSC is committed to helping to improve the UK’s cybersecurity, which is why we have worked in partnership with the BRC to produce the BRC Cyber Security Toolkit.
“Cyber attacks can have a huge impact, but to help potential victims pro-actively defend themselves, we have published a range of easy-to-implement guidance on our website.”
She added: “Organisations can also confidentially share threat intelligence through the NCSC’s online Cyber Information Sharing Partnership, which increases awareness of dangers and reduces the impact on UK businesses.”
The crime report found that violence remains a critical issue for retailers this year, with an average of 115 retail employees attacked every day.
As consumers shift away from spending on the high street and adopt a proclivity for online shopping, e-commerce fraud is growing at twice the rate of e-commerce sales. It’s expected that retailers will lose around US$130 billion in digital CNP fraud between now and 2023.
Online retailers have spent a staggering £8 million fighting the risks mostly adopting a reactive measure rather than a proactive one according to Trulioo General Manager Zac Cohen.
He said that retailers would be better off investing in fraud detection and prevention solutions that verifies a user’s identity and cross-references it against fraud data before allowing transactions.
Cohen said: “A data trail is at the heart of every transaction, even the fraudulent ones. If used effectively, data can expose malicious actors, especially when verifying identities at account creation. With the rise in e-commerce fraud, the use of specific data points can create barriers that prevent criminals from gaining access to e-commerce accounts, while simultaneously authorising legitimate customers to access their accounts effortlessly. In mere seconds, smart data can be referenced, verified and used to prevent fraudulent transactions – saving online retailers time, money, and resources – while allowing legitimate customers to easily and efficiently complete a purchase.
“Additionally, many online retailers are expanding into emerging markets around the world where mobile phones are proving an effective cost-efficient tool for identity verification. As e-commerce continues to grow, so too does the risk and cost of fraud. Fraudsters will always go for the easiest, fastest and most lucrative payoffs and that means targeting retail sites that do not implement vigilant, vigorous practices for verifying customers and detecting fraud. In the burgeoning e-commerce landscape of today, an agile and data-centric approach to combat fraud is the need of the hour.”