Recent cyber breaches, often orchestrated by groups like “Scattered Spider” and “Dragon Force,” have underscored the growing sophistication and frequency of cyber threats, posing significant risks to companies across various industries, especially popular retail brands. From April to June 2025, many high-profile incidents showed that even well-protected systems can be attacked. These incidents caused financial losses, reputational damage and the loss of important customer data.

In this evolving threat landscape, building cyber resilience in the retail and distribution sector is no longer optional but a necessity. This involves not only preventing attacks but also ensuring that companies can quickly recover and continue operations in the face of a breach. By acting on multiple fronts, you can better protect your company against ever-present and increasingly complex cyber threats. The following best practices, informed by recent lessons learned, may help you in the near future:
01
One of the most effective ways to enhance cybersecurity is by strengthening employee awareness. Companies can regularly hold training sessions to educate staff on recognizing phishing attempts and other common cyber threats. Phishing attacks, a form of social engineering, often appear as deceptive emails or messages that trick employees into revealing sensitive information or clicking on malicious links.
By training employees to identify these red flags, such as suspicious email addresses, urgent language and unexpected attachments, the likelihood of falling victim to such attacks can be significantly reduced. Additionally, it's crucial to emphasize the importance of strong password policies and encourage the use of multi-factor authentication (MFA). Strong passwords should be complex, unique and changed periodically. MFA adds an extra layer of security by requiring employees to provide two or more verification factors to gain access to their accounts, making it much harder for unauthorized individuals to breach the system.
Specific actions to take to improve employee cybersecurity awareness:
02
A secure network infrastructure is the backbone of any robust cybersecurity strategy. Regular updates and patches are essential to protect against vulnerabilities that could be exploited by cyber criminals. System updates often include critical security fixes that address newly discovered threats, so delaying these updates can leave your network exposed. Implementing firewalls and secure Wi-Fi networks is another crucial step in preventing unauthorized access. Firewalls act as a barrier between trusted internal networks and untrusted external networks, filtering out malicious traffic. Secure Wi-Fi networks should use strong encryption protocols, such as WPA3, and have robust authentication mechanisms to ensure that only authorized users can connect. These measures help to create a secure environment that is less susceptible to attacks.
Specific actions to take for securing network infrastructure:
03
Protecting customer data is paramount to maintaining trust and ensuring compliance with data protection regulations. Sensitive data should be encrypted both in transit and at rest to prevent unauthorized access. Encryption transforms data into a code that can only be deciphered with a specific key, making it much more difficult for hackers to steal and use the information. Following best practices for data management is also essential. This includes implementing data minimization principles, where only the necessary data is collected and stored, and ensuring that data is properly classified and handled according to its sensitivity. By minimizing the amount of data stored, the potential impact of a data breach is reduced, and the organization can better focus its security efforts on protecting the most critical information.
Specific actions to take for protecting customer data:
04
Robust access controls are vital for safeguarding critical systems and data. Access to these resources should be restricted based on job role and necessity, ensuring that employees only have access to the information and systems required for their specific tasks. This principle, known as least privilege, helps to minimize the risk of insider threats and reduces the attack surface in case of a breach. Monitoring and logging access to these systems is equally important. By keeping detailed logs of who accesses what and when, organizations can quickly detect and respond to suspicious activities. This proactive approach allows for timely intervention and can help prevent or mitigate damage caused by unauthorized access.
Specific actions to take to implement robust access controls:
05
Continuous security monitoring is essential for identifying and mitigating risks in real time. Utilizing advanced threat detection tools can help organizations stay ahead of potential threats by providing real-time alerts and insights into suspicious activities. These tools can analyze network traffic, user behavior and system logs to detect anomalies that may indicate a security breach. Regular security audits and vulnerability assessments are also crucial for ensuring compliance and the effectiveness of security measures. These audits help to identify any weaknesses in the system and provide actionable recommendations for improvement. By engaging in continuous monitoring and regular assessments, organizations can maintain a high level of security and adapt to new threats as they emerge.
Specific actions to take for engaging in continuous security monitoring:
As you embark on improving the resilience of your organization and workplace in the face of recent threats and a shifting risk landscape, make sure to keep these best practices and Willis, a WTW business, in mind. We are ready to assist you by finding solutions that fit your specific circumstances now and prepare you for the future. If you have any questions or would like to learn more about our capabilities and solutions, please reach out to a trusted WTW colleague or contact us today.
WTW hopes you found the general information provided here informative and helpful. The information contained herein is not intended to constitute legal or other professional advice and should not be relied upon in lieu of consultation with your own legal advisors. In the event you would like more information regarding your insurance coverage, please do not hesitate to reach out to us. In North America, WTW offers insurance products through licensed entities, including Willis Towers Watson Northeast, Inc. (in the United States) and Willis Canada Inc. (in Canada).