Retailers are less likely than businesses in other industries to weather the effects of a ransomware attack, because of their complex IT and cloud infrastructure, according to research from data management and security firm Veritas Technologies.

Veritas commissioned research among 2,700 IT executives at companies in different industries globally that employed over 1,000, and found that nearly a third (29 per cent) of businesses in the retail sector who had been hit by a ransomware attack paid the full ransom.

Retailers are less likely than businesses in other industries to weather the effects of a ransomware attack, because of their complex IT and cloud infrastructure, according to research from data management and security firm Veritas Technologies.

Veritas commissioned research among 2,700 IT executives at companies in different industries globally that employed over 1,000 people, and found that nearly a third (29 per cent) of businesses in the retail sector who had been hit by a ransomware attack paid the full ransom.

The research revealed that companies with greater complexity in their IT infrastructure and cloud platforms, across all industries, were more likely to make ransom payments after being attacked.

It was found that retailers have the second most complex cloud infrastructure of all industries, with 28 per cent of retailers using more than 20 cloud services.

Also, despite 38 per cent of retailers citing an increased risk of external attacks - such as data breaches or ransomware - as a major concern, more than a third of companies (36 per cent) had seen their IT security budgets decrease since the start of COVID-19.

Matthew Banks, senior enterprise tech manager at Veritas Technologies, said: “Given the disruptions they have faced due to COVID-19, many retailers will primarily be focused on survival and capitalising on demand over the festive period. As a result, it is no real surprise that IT security budgets have decreased over recent months.

“However, to adapt to the disruptions caused by the pandemic, retailers have accelerated their cloud adoption in order to move more of their processes online. Unfortunately, this growing complexity is leaving them vulnerable to ransomware attacks.”

Almost two-thirds (65 per cent) of retail IT executives believe their security measures lag behind the technology complexity of their systems.

Only a quarter (26 per cent) thought they could recover from a ransomware attack in less than five days, a lower proportion than the global business average of 34 per cent. And for more than a third of retail firms (34 per cent) it would take between 10-31 days to recover.

Banks added: “Once disruptions have eased and retailers are in a more stable position, firms must look to understand and manage their multi-cloud infrastructure from one central point, invest further in IT security and implement disaster recovery plans.”

The research was carried out in Australia, Benelux, China, France, Germany, Hungary, India, Italy, Japan, Poland, Russia, Saudi Arabia, Singapore, Spain, South Africa, South Korea, Sweden, Turkey, the UAE, the UK and the US.

Share Story: