In the past, there weren’t as many crimes threatening physical retail stores as there are now. Technology has advanced rapidly over the years, making the world more digitally interconnected and dependent on technology than ever before. As a result, cybercrime has become a severe threat to the world of retail.

Cybercrime covers a broad range of threats, with hacking identified as the most common crime. Ransomware is also a leading threat to big corporations capable of paying high extortion demands.


Today, cybersecurity is more important than ever, especially because 1 in 8 UK retail stores suffered cyber attacks in 2020 and 2021, with 28% being small businesses that experienced a data breach. To prevent similar cybercrime, Certum IT Support can help to secure systems and sensitive data.

Tips for Retail Businesses to Avoid Risks

  • Train Employees

Like office-based businesses, small retailers are equally susceptible to becoming a victim of cybercriminals. This can occur through something as simple as opening the wrong email and being exposed to phishing. 

The biggest reason why small retailers are at a high risk of cyberattacks is that they don’t think it’s important to protect themselves against them. Cybercriminals see this attitude, combined with human error such as opening an email that contains malicious software (malware), as an opportunity to attack business systems and compromise sensitive data.

Prevent the threat: The best way to avoid cyber attacks is to train employees regularly to recognise common phishing scams and fraudulent email content. Warning signs can include suspicious attachments, requests for payment (a debt or an invoice), poor spelling, grammar, and language, a time limit that creates a sense of urgency, and generic greeting styles.

Certum IT Support offers managed IT security to help you identify cybersecurity threats.

  • Get PCI DSS Compliant

It is very unlikely that a shop owner won’t accept card payments. When it comes to card payments, however, there are significant rules stipulated by card issuers called Payment Card Industry Data Security Standards (PCI DSS). These rules and regulations exist to secure customers’ private card details, which is why it is crucial to be aware of and understand them.

It is also necessary to comply with PCI DSS and ensure the security of your card system is up to standard, as breaching it can result in a £3,000 to £60,000 fine. 

Prevent the threat: Ensure your business is PCI DSS compliant by checking if you fit into one or more of the four levels of compliance:

  • Level 1: If you are a business processing more than 6 million card transactions a year.
  • Level 2: If you are a business processing 1 to 6 million card transactions a year.
  • Level 3: If you are a business processing 20,000 to 1 million card transactions a year.
  • Level 4: If you are a business processing fewer than 20,000 card transactions a year.

Smaller retail businesses are likely to fit into either level 3 or 4 of this framework, which means they have to become PCI DSS compliant. Certum IT Support can help you fill out the PCI DSS compliance questionnaire.

  • Get Insurance

There are many types of insurance that can safeguard you against risks related to trading and compensation claims caused by dangerous or faulty stock, such as product liability insurance and employers’ liability insurance. As a retailer, it is a smart move to take out insurance that protects your entire business.

There are three types of business insurance that can cover your entire business:

  • Business interruption insurance – To cover unexpected stoppages in any business activity, such as your cash flow.
  • Business contents insurance – To protect electronic equipment in your physical store and stock against damage or theft.
  • Public liability insurance – To cover your business against any potential claims made by the public due to injury in your store(s) or property damage.

Prevent the threat: Get a minimum of the three above-mentioned insurance policies to protect your business against potential threats, especially cyber threats. Although cyber cover can seem unnecessary, it is important to note that nearly a third of small businesses experience cyber breaches at some point. 

The Certum IT Support Team is trained and experienced to advise you about cyber insurance and how to get it.

  • Back-Up Data

Ideally, it is recommended that you back up your business data on more than one server. This is required to prevent potential ransomware attacks from stealing all your business data.

Backing up data on multiple servers should be accompanied by comprehensive cyber insurance, which will secure your business by covering extortion payments. With the help of backups on alternative servers, you stand a much better chance of restoring data than you would if you paid a ransom demand.

Prevent the threat: Keep at least two backups of your business’s valuable data. These must be stored on separate systems, preferably with one off-site or offline. In this way, your business will not be too disrupted and can continue with operations and trading, even amid a ransomware attack.

Certum IT Support offers Cloud services, including backup and disaster recovery services, to prevent data from being lost should a ransomware attack occur.