In a shift from viewing AI solely as a threat, retail experts advocate leveraging generative AI and strategic cybersecurity practices to defend against sophisticated cyberattacks and ensure trading continuity during peak periods.
This is the second instalment in a series for Retail Gazette featuring exclusive insight from Richard Meeus, EMEA director of security technology and strategy at Akamai, and Stephen Faulkner, chief technologist for security at CDW UK. It shifts...
“You’ve got to assume you’re going to get breached. The odds are not on your side,” Meeus tells Retail Gazette, and that blunt assessment underpins the practical, layered approach the two experts advocate: accept continuous attacks, prioritise recovery, and invest in tools and processes that scale.
Immediate priorities: reduce human risk and ensure rapid recovery
Meeus and Faulkner stress that some defences are low-cost but high-impact. Short-term “quick wins” include turning on multi-factor authentication (MFA) everywhere, tightening service-desk procedures to block social engineering, running targeted awareness training and establishing instant response plans for critical trading days. “You don’t need a big spend to start,” Meeus says.
The recovery dimension is central. Meeus warns that organisations frequently underestimate what “recovery” means: “It’s not just one app. It’s your Intrusion Detection and Prevention System (IDPS), your desktops, your app servers, everything needs to come back. And if you think you can get all of that back in three days, you can’t.” Some retailers now plan for extreme fallbacks (could the business operate on pen and paper if systems fail?), not to revert permanently but to keep stores trading while systems are rebuilt.
Visibility, alignment and advocacy in the medium term
Both experts make visibility the next priority. Meeus says many networks have accreted “chunks no one really understands,” and mapping those assets is the foundation of a defensible security policy. Faulkner adds that security must be mapped to shifting business objectives: cloud migrations, acquisitions and transformation programmes change the attack surface quickly, and security cannot be a one‑off assessment that lags business change.
Building a clear case for investment is equally important. Retail budgets remain tight, and Faulkner advises security teams to “assess, test, map to frameworks, but also map to business goals” to justify spend and secure senior buy‑in for mid‑term work such as penetration testing, microsegmentation and adopting zero‑trust principles.
Strategic resilience: consolidation, managed services and human risk management
Longer term, the aim is strategic resilience rather than accumulating point solutions. Meeus recalls customers who “bought everything” and ended up managing 100 vendors, an outcome that increases complexity and operational risk. The remedy is consolidation into fewer trusted platforms and architectures such as secure access service edge (SASE), which Faulkner recommends to reduce operational overhead while enabling zero‑trust approaches.
Both speakers emphasise embedding human risk management into the organisation: role‑based, psychologically informed training, onboarding security from day one and shifting culture so people are part of the defence rather than the weakest link. Faulkner estimates “90 per cent” of breaches involve human error somewhere, and attackers exploit that reality.
AI: an accelerator for both attack and defence
AI figures throughout the experts’ analysis as both threat accelerator and defensive force multiplier. Meeus notes generative AI’s ability to “summarise data at scale,” turning mountains of security logs into actionable insights and speeding anomaly detection. Properly applied, AI can help distinguish legitimate peak traffic from bot attacks and scale defences to match attack volumes.
That capability is urgently needed: industry reporting shows AI is rapidly changing criminals’ tactics. Trend Micro warns of “vibe crime,” a new wave of agentic AI that automates phishing, fraud and intrusion chains, enabling continuous, scalable attacks. The company and other security vendors argue defensive systems will need their own AI orchestrators to avoid being outpaced by autonomous adversaries.
Recent reporting also documents concrete shifts in the fraud landscape. Deepfake detection firm Pindrop told Axios that around 30% of fraud attempts now involve deepfakes, with some large retailers receiving more than 1,000 deepfake calls a day. Gift card and consumer‑facing scams are also rising, and payments firms are pouring money into AI and security: a Visa executive told an Axios Live event that the company has invested roughly $500 million in AI and about $12 billion in total to protect its ecosystem.
Practical guardrails for agentic AI in retail
Agentic AI (systems that autonomously execute multi‑step tasks) is being trialled by many retailers to drive efficiency. A Fluent Commerce study reported by TechRadar Pro found over 70% of retailers have piloted or partially deployed agentic AI, though only small numbers consider their deployments mature. Benefits are most visible in customer service and personalised marketing today; interest is growing in inventory and supply‑chain applications.
But TechRadar Pro and other analysts warn of attendant security risks: prompt manipulation, tool misuse, data leakage and automation drift. To deploy agentic AI safely, retailers should adopt a secure lifecycle: define clear boundaries for agent actions, apply least‑privilege access, harden inputs and prompts, build deep observability, impose controlled execution environments and run adversarial testing. Choosing partners with retail expertise and robust platform controls is essential.
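As an added illustration (not code from the article or from any vendor it mentions), the sketch below shows how three of those guardrails, bounded agent actions, least-privilege access and observability, can be enforced at the point where an agent proposes a tool call. The role names, tool names, refund cap and sample calls are all hypothetical and constructed for this example.

```python
import json
import time

# Hypothetical policy: deny by default. Each tool names the agent roles
# allowed to call it and an upper bound for each numeric argument.
POLICY = {
    "lookup_order":  {"roles": {"cs_agent"}, "max": {}},
    "issue_refund":  {"roles": {"cs_agent"}, "max": {"amount_gbp": 50}},
    "reorder_stock": {"roles": {"inventory_agent"}, "max": {"units": 100}},
}

AUDIT_LOG = []  # stand-in for an append-only log store


def authorize(role, tool, args):
    """Return (allowed, reason) for one tool call proposed by an agent."""
    rule = POLICY.get(tool)
    if rule is None:
        verdict = (False, "tool not in allowlist")
    elif role not in rule["roles"]:
        verdict = (False, "role lacks access to tool")
    else:
        verdict = (True, "ok")
        for name, limit in rule["max"].items():
            value = args.get(name)
            # Reject missing, non-numeric, negative or over-limit values.
            numeric = isinstance(value, (int, float)) and not isinstance(value, bool)
            if not numeric or not 0 <= value <= limit:
                verdict = (False, f"{name} outside 0..{limit}")
                break
    # Every decision is recorded, allowed or not, so drift is visible later.
    AUDIT_LOG.append(json.dumps({
        "ts": time.time(), "role": role, "tool": tool,
        "args": args, "allowed": verdict[0], "reason": verdict[1],
    }))
    return verdict


if __name__ == "__main__":
    # Constructed sample calls, as a manipulated prompt might produce them.
    calls = [
        ("cs_agent", "lookup_order", {"order_id": "A1001"}),
        ("cs_agent", "issue_refund", {"amount_gbp": 5000}),
        ("cs_agent", "delete_customer", {"customer_id": "C42"}),
    ]
    for role, tool, args in calls:
        print(tool, authorize(role, tool, args))
```

The gate sits outside the model, so a manipulated prompt can change what the agent asks for but not what it is permitted to do.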
A layered checklist for retail security readiness
Drawing the research and the experts’ advice into a pragmatic roadmap yields a layered checklist retailers can act on now and next:
- Short term: enforce MFA, harden helpdesk processes, run role‑specific awareness training, and define instant response plans for peak trading days.
- Medium term (6–12 months): map networks, cloud workloads and data; align security projects with business objectives; run penetration and red‑team tests; and begin microsegmentation and zero‑trust pilots.
- Long term: consolidate tools into integrated platforms (for example SASE), reduce technology debt, adopt managed services where skills are scarce, and institutionalise human risk management.
The business case for security
The strategic argument is straightforward: cybercrime has professionalised into an industry that applies business logic, targets busiest windows and weighs cost‑benefit like any legitimate enterprise. As Faulkner puts it, “Cybercrime is an industry now.” Industry investments, from payments networks’ multibillion‑dollar programmes to vendor warnings about agentic AI, confirm the stakes are rapidly rising.
“Don’t believe the hype, don’t buy the snake oil,” Meeus concludes. “Get the basics right, invest strategically, and be ready for when, not if, the attack comes.” For retailers, the choice is to treat cybersecurity as a business enabler that protects revenue and customer trust, or to risk headline‑making outages at the worst possible moment.
Source: Noah Wire Services



