Bira’s new podcast urges independent retailers to brush up on IT security to reduce their risk of falling victim to cybercrime. The latest episode of High Street Matters titled ‘No Business Too Small – Protecting Independent Retailers from Cyber Crime’ tackles the misconception that small businesses are not targets for cyber-attacks.
In the episode, host Jeff Moody, chief operating officer of Bira, brings together expert insights from Andrew Goodacre, CEO of Bira, Melissa Minkow, Director of Retail Strategy at CI&T and retail futurist, and Andrew Maben from Kevin’s Schoolwear in London, who experienced a cyber-attack firsthand.
Commenting is Andrew Goodacre, CEO of Bira
“There is a groundswell of perception within small business owners that the kind of hacking and disruption that the likes of Marks & Spencer have experienced recently is really just a thing that happens to big companies and not small ones. It’s a kind of head-in-the-sand approach, not wanting to really face up to that harsh reality that they may be liable.”
The podcast reveals research showing 61% of small and medium businesses were the target of a cyber-attack in 2021. CI&T’s Melissa Minkow explains. “Small businesses are oftentimes making the assumption that they wouldn’t be the target because they’re collecting less data. But this is an issue that every retailer, unfortunately, is facing – regardless of size.”
Andrew Maben shares his experience of Kevin’s Schoolwear being hit by a DDoS (Distributed Denial of Service) attack a couple of years ago.
The attack left the business’s website displaying in Chinese and out of action for two weeks during a crucial trading period. “I suppose in hindsight, we were taking this for granted a little bit,” says Maben.
“We’re too small for cyber hackers – I didn’t think little old Kevin’s Schoolwear would provide that kudos for them. But we now understand that we are vulnerable to much less sophisticated attacks, and small businesses are actually, in proportion, more vulnerable to these sorts of attacks.”
The episode provides practical advice for independent retailers including: implementing strong passwords and multi-factor authentication; regular system updates; staff training on recognising phishing attempts; creating a crisis management document on paper; seeking advice from IT specialists; and considering Cyber Essentials certification.
Goodacre also emphasises the importance of preparation
“We need to get our members to think about the impact of a cyber-attack. What would you do if you lost access to your website? How would you deal with it? That plan of action, committing those steps down, is becoming increasingly important.”
Minkow concludes: “It does seem like a really costly investment, but it is going to be far more expensive if down the line you’re reacting to it rather than preparing for it in advance. Any strong data strategy should incorporate a cybersecurity plan.”
The podcast is available now here. More resources and support for independent retailers are also available here.