The rise of online commerce over the last two decades has completely transformed the retail and consumer goods industries—and with smartphone adoption accelerating globally, the share of shopping done via the internet will only continue to expand. But this growth in digital sales can come with a hefty price tag for retailers and consumer goods businesses: a much greater risk of data breaches.

According to a recent study by IBM Security, the 2023 X-Force Threat Intelligence Index established the retail and wholesale industry as the fifth-most targeted industry in 2022, with cybercriminals increasingly looking to exploit the trove of data gathered from the billions of transactions sellers process online. But there’s good news: by modernizing their cybersecurity strategy with automation and AI technologies, businesses can help reduce costs and minimize time to identify and contain breaches.

The cost of vulnerability

It’s easy to see why retail and consumer goods industries present so compelling a target for attackers. With worldwide e-commerce sales totals expected to reach $8.1 trillion by 2026, businesses are accumulating massive amounts of sensitive data, including payment information from their customers.

This wealth of data is an attractive target for cybercriminals to exploit for financial gain. According to the IBM Security Cost of a Data Breach Report 2023, using attacks like phishing or compromised credentials—representing 16% and 15% of studied data breaches, respectively—cybercriminals have been able to skirt many security perimeters often resulting in lost or compromised data.

The Threat Intelligence Index also found that breaches against the retail and wholesale industry represented 8.7% of all studied attacks among the top ten industries in 2022, up from 7.3% in 2021. The manufacturing industry has fared even worse as malicious organizations may seek to disrupt supply chains or expose intellectual property, among other things. In fact, the Threat Intelligence Index found that manufacturing was the most targeted industry overall in 2022.

The Cost of a Data Breach Report saw industrywide costs per breach hit record highs last year. For retail, the average data breach studied cost $2.96 million; consumer goods was even more damaging, coming in at $3.8 million—ranking tenth among industries studied. Both sectors also exceeded the global average for breach containment time. Further, it took retail organizations 10 extra days to identify a breach and 9 extra days to contain it, and consumer goods businesses 8 extra days to identify a breach and 10 extra days to contain it when compared to the global average.

Room for improvement

Compared to other industries, retail and consumer goods have a lot of opportunities to improve when it comes to defending against data breaches. Additional IBM internal research found that only 25% of retail companies and 29% of consumer goods businesses studied employ extensive automation and AI-powered security solutions. By modernizing security strategies and taking a proactive approach, organizations can enhance their ability to detect intrusions, and potentially shut them down before they can inflict real damage to help reduce the overall impact of a breach.

One of the biggest mitigators of studied data breaches was speed, and security AI and automation had the most profound influence on an organization’s ability to quickly identify and contain attacks. Industrywide, studied businesses employing AI and automation extensively in their security operations were able to shorten the average data breach lifecycle by 108 days compared to those that did not employ these technologies. Based on these findings, this translated to a cost savings of $850,000 per attack—up to 30% less than the average impact.

A big part of this is simply the ability to detect the breach quickly, yet only one-third of data breaches studied were detected by the affected company. But those participating businesses that did detect the breach themselves, were able to act much more swiftly to contain the attack, resulting in a lifecycle reduction of nearly 80 days compared to data breaches that were disclosed by the attacker (241 days versus 320).

As the digitization of retail and consumer goods industries continues to advance, businesses will face increasing pressure from attackers seeking to disrupt their operations and exploit their wealth of data. By investing in more sophisticated detection and response capabilities, companies can make substantial improvements in their ability to contain data breaches to help significantly reduce the financial and reputational fallout in the process.

Explore the Cost of a Data Breach Report

More from Security

How to build a successful risk mitigation strategy

4 min read - As Benjamin Franklin once said, “If you fail to plan, you are planning to fail.” This same sentiment can be true when it comes to a successful risk mitigation plan. The only way for effective risk reduction is for an organization to use a step-by-step risk mitigation strategy to sort and manage risk, ensuring the organization has a business continuity plan in place for unexpected events. Building a strong risk mitigation strategy can set up an organization to have a…

Leveraging CISA Known Exploited Vulnerabilities: Why attack surface vulnerability validation is your strongest defense 

5 min read - With over 20,000 Common Vulnerabilities and Exposures (CVEs) being published each year1, the challenge of finding and fixing software with known vulnerabilities continues to stretch vulnerability management teams thin. These teams are given the impossible task of driving down risk by patching software across their organization, with the hope that their efforts will help to prevent a cybersecurity breach. Because it is impossible to patch all systems, most teams focus on remediating vulnerabilities that score highly in the Common Vulnerability…

How SOAR tools can help companies comply with the latest SEC cybersecurity disclosure rules

3 min read - In July 2023, the Securities and Exchange Commission (SEC) voted to adopt new cybersecurity rules and requirements for all publicly listed companies to address risks. Among the new rules were updated requirements for filing Form 8-K as well as new disclosure obligations for Form 10-K.  Under the new rule, public companies will be required to report on Form 8-K within four business days after the company determines it has experienced a material cybersecurity incident. The filed Form 8-K must describe:…

How financial institutions can deliver value from investment in digital operational resilience

2 min read - The Digital Operational Resilience Act (DORA) is a landmark piece of legislation in the European Union (EU) that is designed to help fortify the operational resilience of the financial sector, making it fit for purpose in the digital age. DORA has several objectives, including to comprehensively address information and communications technology (ICT) risk management in the financial services sector and harmonize the ICT risk management regulations that already exist in individual EU member states. Building the requisite level of digital…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters