Recent cyber attacks targeting high street giants such as M&S, Co-op and Harrods have served as a poignant reminder that no brand is too big to fall victim to digital threats.
The spate of recent and severe cyber attacks have highlighted the urgent need for robust cybersecurity strategies to many British retailers and ecommerce brands. In a time where customer data, payment details and business operations are increasingly housed online, protecting your website is no longer an option, it’s integral to ensuring the safety and security of your business and customers. With leading heritage brands such as M&S, Harrods and Co-op falling victim to severe cyber attacks, it’s clear that every business should be protecting themselves against digital threats. That’s why we’ve decided to write this blog post, to serve as a reminder to take cybersecurity extremely seriously and to provide some actionable tips to help secure your ecommerce website. Without further ado, let’s dive in.
Is my ecommerce website at risk?
Ecommerce websites are definitely attractive targets for cyber criminals due to the sheer volume of personal and financial details they process every single day. Many ecommerce sites have weak points in their infrastructure (such as weak login credentials, outdated plugins or insecure forms) that hackers and cyber criminals can utilise as an entry point to your site. While these weak points and access routes are actually relatively easy to secure, the consequences for not doing so can be catastrophic. We’ve seen the devastating impact that a cyber attack has had for M&S over the last few weeks with the brand having to suspend its online clothing orders since April 25th and analysts forecasting a £30 million pound loss for the brand so far.
Recent reports are indicating that the M&S hackers may have gained access to their site by tricking their IT help desk. It’s clear that setting up processes, security features and protocols to protect your site, customers and employees from these threats is absolutely integral. So much so Britain’s National Cyber Security Centre has recommended every business to review their help desk processes to avoid falling victim to attacks like this one that are unfortunately becoming all too common.
What can we learn from these attacks?
Ecommerce brands can learn valuable lessons from these high-profile cybersecurity breaches. While well-established brands and large corporations often have dedicated security teams, smaller ecommerce brands can sometimes be more vulnerable due to limited resources, staff and oversight while running a busy online store. Every brand should therefore take a proactive role in safeguarding your website from cyber threats. Here are just a few key takeaways brands can learn from the recent cyber attacks that have impacted many high street retailers:
- Cybersecurity is a shared responsibility: Even when using a trusted ecommerce platform such as Magento, Shopify or WooCommerce, it pays to take accountability by regularly reviewing security settings and ensuring all employees are trained to spot any risks or breaches.
- Proactive protection > Reactive recovery: Once a security breach happens, it’s already too late. At that point, it’s about damage control and reputation management. It’s always better to prevent a problem than deal with the consequences so be sure to create robust security strategies, enable two factor authentication, regularly perform security audits and ensure strong password policies within your business.
- Customer trust is fragile: A security breach can be truly catastrophic to your brand reputation. Even after building decades of trust with customers even brands like M&S and Harrods are likely to see a decline in customer trust after the recent cyber attacks on their sites. Customers expect their data to be handled with care so ensure your brand is always transparent, honest and acts quickly during any security incidents to maintain that valuable trust.
Practical tips for ecommerce security
When it comes to protecting your ecommerce website, small proactive steps can make all the difference. Whether it’s securing sensitive customer data or defending against emerging cyber threats, implementing even the most basic of security measures could help waive off cyber criminals and instil customer trust. If you haven’t already implemented the following, be sure to do so:
- Ensure every page has an SSL certificate and used HTTPS
- Set up firewalls and regularly run malware scans
- Implement two-factor authentication wherever you can
- Keep your CMS, themes and plugins up to date
- Always use strong, unique passwords that aren’t easy to guess and encourage employees to do the same
- Work with your developers or digital agency to run regularly security checks
At Limely, we take security incredibly seriously. Whether you’re launching a brand new online store or are refreshing an existing ecommerce site, we work closely with trusted platforms, plug-ins and partners to ensure your website is not only beautifully designed and highly functional, but built to protect your customers and business. The recent incidents involving M&S, Co-op and Harrods are not isolated cases and it pays to be vigilant. By staying proactive and informed, you can minimise the risk of cyber attacks and protect your business.
Need help securing your ecommerce store? Get in touch to learn how Limely can future-proof your website and support your growth.
