The British Retail Consortium (BRC) has launched a cybersecurity toolkit it hopes will protect retailers and consumers from online threats. It aims to provide retailers with a practical guide to both preventative and responsive steps they can take to manage cybersecurity threats.
With online sales growing between 10% and 15% each year over the last few years, and cybercrime becoming an increasing concern, the BRC hopes its new guidance will help members “keep pace with the evolving risks associated with operating online,” as per their statement.
Additionally, a key component will be guidance on keeping sensitive customer data secure. That ties-in with the upcoming introduction of GDPR.
According to the BRC’s own Retail Crime Survey, around 53% of fraud reported in the retail space is cyber-fraud, equating to around £100m in costs each year. Hacking and data breaches accounted for around 5% of the total, around £36m.
The main recommendations of the BRC Cyber Security Toolkit include establishing security as a boardroom-level issue, greater information sharing throughout the retail industry, complete cybersecurity risk assessment and creating a robust and detailed incident response plan.
Hugo Rosemont, BRC policy advisor on crime and security, said: “The UK is one of the leading e-commerce markets in the world. The BRC Cyber Security Toolkit is designed to equip British retailers with the know-how, guidance and practical support that will help the industry stay ahead of the ever evolving threats posed by cyber-related criminality.
“All parts of the retail industry have a large and growing stake in keeping customers safe and secure, and the industry is committed to ensuring the strongest possible measures are in place – all the way through from prevention to incident response.”
The scheme was launched in conjunction with the Home Office, with Minister Sarah Newton MP adding: “We are already taking world-leading action to stamp out cybercrime and fraud, including investing £1.9bn in cybersecurity over five years. But as we have said, the government cannot do this alone. Businesses have a responsibility to take steps to protect themselves and their customers, which is why we are delighted that the BRC has introduced their Cyber Security Toolkit to help retailers to do so.”
Finally, Dr Ian Levy, technical director of the National Cyber Security Centre, said: “The retail sector is vital to the UK’s economic well-being and both the sector and its supply chain are increasingly reliant on online safety and security. The NCSC is delighted to be working with the BRC in finding innovative ways to make the UK a safe place for citizens, e-commerce, small businesses and large chains to do retail business online.”