The first step in dealing with your organisation’s cyber security is embracing the fact that you are in fact at risk in the first place. With 5.5 million suspicious e-mail reports in the UK alone last year – where a high number were almost certainly linked to attempted network breaches and ransomware - it is clear to see the scale of the problem. And whilst the high-profile attack on Tesco on October 2021 is the sort of attack that the media promote, it remains the case that smaller businesses are more frequently targeted. The impact on a small food producer losing its data may not just be detrimental – like with Tesco which may have lost over £50 million in lost sales and revenue as a result of the attack - it can close them down for good.

In 2021 PwC research showed that cyber-attacks on their food and retail clients had increased by over 30% since 2020, demonstrating that the retail and ecommerce industry is of interest to cyber criminals. The main threat is around the theft of customer data, which retailers hold huge volumes of. If you consider how much data you input to successfully order something online, then consider if that’s data you would like cyber criminals to have.

Here at the ECRC we have embraced the need to protect the retail sector – you had to resort to an almost 100% online service during the pandemic and even today are heavily reliant on the internet to deliver your goods and services. That means you are vulnerable to cyber criminals – but don’t worry - all is not lost. Read on to see how we can help you today!

So, what is out there that I can start using now?

It is fully understood that shops are vulnerable to attack, and many have limited budgets to pay to strengthen their resilience. The good news is that there are loads of free tools, training, and guides specifically much it aimed at retail.

1. Look at the free tools and guidance available on ,our website. All are free and many are fully supported by the National Cyber Security Centre as well as the ECRC. It includes free staff training modules, a free incident response plan designed by the centre and the NCSC’s Active Cyber Defence programme.
2. Get a ,free copy of our free Retail Cyber Guide here. It contains signposting for free tools and guides and gives quick overview of the main threats you’re likely to come across in your business. Print it off and give it to your staff as part of their ongoing.
3. Have a look at the free ,Police Cyber Alarm software. Free to download and operate it will notify you if there is any suspicious activity across your network.
4. Join our growing community of businesses by signing up to ,free core membership. You will be supported through implementing the changes you need to make to protect your organisation, staff, and students.
5. For all of businesses in the retail sector across the Eastern region we would recommend that you look at improving you overall cyber resilience through the free Little Steps pathway we provide to ,Cyber Essentials – the basic government backed kite mark standard for cyber security. And remember that a company operating under Cyber Essentials processes is 99% protected either fully or partially from today’s common cyber-attacks. If you opt to become certified there is an offer of £25k worth of free cyber insurance as well.

The impact of a successful attack against your website or network can be catastrophic and lead to website downtime, loss of data and permanent loss of reputation. But all is not lost. Whatever you decide to do, doing nothing is no longer an option. Here at the ECRC we are already working closely with hundreds of businesses across the East to help them tackle the continually changing cyber threats that they face. So come and join our community as free members and let us help you protect your organisations from the ever presents threats out there in the cyberverse.

,Reporting a live cyber-attack 24/7

​If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), please call Action Fraud on 0300 123 2040 immediately. This service is available 24 hours a day, 7 days a week.

,Reporting a cyber-attack which isn't ongoing ​

,Please report online to Action Fraud, the UK's national reporting centre for fraud and cybercrime. You can report cybercrime online at any time using the online reporting tool, which will guide you through simple questions to identify what has happened. Action Fraud advisors can also provide the help, support, and advice you need.

Alternatively, you can call Action Fraud on 0300 123 2040 (textphone 0300 123 2050).