In recent weeks, cyberattacks on major retail brands revealed the sobering reality that even the most established retailers are vulnerable.

In one case, hackers invaded systems via a third-party supplier, leading to a three-week shutdown of online orders, data exposure and an estimated £300million hit to operating profits. Meanwhile, another company faced a breach that exposed customer data, disrupted supply chains and left shelves empty across multiple regions.

As the pace of digital innovation accelerates, many retail organisations are charging ahead with AI-driven experiences while overlooking critical vulnerabilities in their cybersecurity posture, says Phil Swain, CISO at Extreme Networks.

The expanding attack surface of modern retail

From April and September 2024 alone, retailers confronted over 560,000 AI-driven attacks every day. From ransomware and phishing to supply chain breaches and DDoS attacks, today’s threat landscape is more sophisticated and targeted than ever before.

The financial impact is also disconcerting. According to IBM, the global average cost of a breach reached an all-time high of $4.88million – a +10% increase from the previous year.

Retailers operate sprawling, interconnected environments that span ecommerce platforms, mobile apps, smart stores and public Wi-Fi. Each of these surfaces can introduce potential vulnerabilities. And they are increasingly being targeted by attackers.

AI’s impact on both sides

What’s driving the surge in breaches? Complexity. A decade ago, attacks were largely opportunistic. Now, cyber criminals are organised, well-funded and increasingly deploying AI to identify vulnerabilities and accelerate exploits. The time it takes to exploit zero-day vulnerabilities is now measured in hours and days, no longer weeks or months.  In this new reality, AI-readiness must include security-readiness. Many organisations, including retailers, are falling behind.

Retailers are adopting AI to personalise shopping experiences, manage inventory and automate operations. But without AI-native security or a clear strategy for management, this can introduce more vulnerabilities: more data, more devices, more automation, more risk.

When used defensively, AI has enormous potential, giving you real-time anomaly detection, behavioural analytics and automated threat response. Organisations that extensively deployed AI capabilities as part of the security programme saved an average of $2.22million per breach, compared to those that didn’t according to IBM. 

Proactive investment in smart defences clearly pays off. But those gains only come when security is built into the system from the start. And that’s where many retailers fall short.

The platform gap

According to NVIDIA, nine in ten retailers are either actively using or assessing AI in their operations and 97% plan to increase investment in the coming year.

Despite this momentum, challenges remain. We often see retailers deploying disconnected point solutions that don’t speak to each other, leaving IT teams focused on resolving issues, rather than driving innovation. Visibility gaps can make it difficult for businesses to detect active threats, while the long-term fallout of a breach, such as reputational damage or regulatory penalties, can become more severe over time.

Cybersecurity can no longer be treated as a bolt-on solution. It must be built-in from the start. That’s why many retailers are now turning to platformisation: consolidating security, networking and automation into a single, intelligent framework. Our research shows that 89% of IT leaders (including 93% of CIOs and CISOs) want to move to a unified platform that integrates these capabilities.

This approach reduces complexity, improves visibility and helps lean IT teams stay ahead of evolving threats.

People matter as much as platforms

Technology alone, however, is not enough. Culture and leadership matter just as much. Retailers must foster cyber awareness at every organisational level.

Employees are often the first line of defence, but can also be a potential point of vulnerability. Ongoing training, clear protocols and a culture of accountability are critical. Senior organisational leaders should work closely with their IT and InfoSec teams to understand business continuity plans across all areas of the organisation and its operations.

It must also be addressed in the boardroom. Cybersecurity isn’t just an IT issue; it’s a business concern at the highest levels. CEOs should be asking the hard questions: Are we ready for an attack? Do we have end-to-end visibility? Is our infrastructure resilient enough to quickly recover?

The future belongs to those who get security right

AI will define the next era of retail, but only for those organisations that are ready. Recent breaches have shown how quickly things can unravel when vulnerabilities are exploited. Retailers that build cybersecurity into the foundation, invest in the right platforms and engage their people will be best positioned to thrive.

This isn’t just a technology issue, it’s a business imperative. The risks are real – and so is the opportunity.