Black Friday has exploded worldwide over the past couple of years as the post-Thanksgiving sales have cemented their date in the diary this side of the pond. The perfect opportunity to make some savings on your Christmas shopping, the weekend beginning with Black Friday and ending with Cyber Monday attracts millions of people to shops – both in person and online – every year.
With all these shoppers online to bag the best bargain, the Black Friday weekend is like ‘Christmas has come early’ for cybercriminals. So how do retailers ensure that they keep their systems safe from such threats and ensure they provide their customers with the best shopping experience?
Cyber Protection Magazine spoke to industry experts about the steps organisations can take to enjoy a successful and trouble-free Black Friday.
Let’s go shopping!
The past two years have been a whirlwind of events that we never could have predicted, but one thing we can be sure of is that millions of us will be hitting the high street and browsing the online racks this Black Friday weekend.
“Black Friday can be a chaotic time for retail. It’s one of the busiest times of the year, and the sheer number of orders can cause problems even for well prepared retailers. Websites crash, stocks run out and customers can get frustrated. This year promises to pose an even greater challenge with an inconsistent supply chain and labour shortage,” explains Rob Shaw, Managing Director EMEA at Fluent Commerce.
“To add to the pressure, recent research from Fluent Commerce revealed that 42% of people in the UK plan to start their Christmas shopping by Black Friday this year. And even though physical stores are open again this year, 89% of shoppers plan to do at least some of their Christmas shopping online, so a seamless omnichannel customer experience is vital.”
Gregg Mearing, Chief Technology Officer at Node4 adds that “Black Friday has always been one of the busiest days of the year for online retailers. Last year this was accelerated further by the lockdowns and store closures caused by the pandemic. In fact the UK ended 2020 with the value of online retail sales reaching just below £100 billion GBP – a huge increase from £76 billion in 2019.
While the bricks and mortar shops will be open this Black Friday, online shopping is predicted to be just as busy with massive retailers including Debenhams and Topshop now online-only.”
Elevating customer experience
With access to so many customers – both new and returning – the Black Friday weekend provides an opportunity for retailers to deliver exceptional customer service and establish customer loyalty to keep them returning throughout the year.
“Today’s retailers are operating in a market where consumers are becoming increasingly savvy, increasingly sure of what they want, and increasingly demanding of anyone they purchase from. User experience is everything,” explains Chris Wilson, Industry Director – Retail at Six Degrees. “Your website’s uptime, performance and security are essential elements of the user experience you deliver.”
“Consumers no longer have to imagine the possibility of watching their favourite TikToker unboxing the latest product and having that same product delivered to their doorstep just a few hours later. This is already a reality,” notes Joel Reid, UK&I VP/General Manager at Axway. “APIs are bridging the virtual world and the last mile by enabling retailers to innovate and connect to third party applications like click and collect, same-day delivery through partner services, and real-time delivery tracking where retailers can even pinpoint the location of a specific shipment on a truck.”
With the high volumes of traffic caused by Black Friday and Cyber Monday, Lex Boost, CEO at Leaseweb advises organisations to “ensure that their infrastructure is built for speed, security and reliability so as to not disrupt the customer experience. One of the most important steps a retailer can take is partnering with a comprehensive cloud hosting solution that includes hybrid ready product portfolios, core uptime, iron clad security solutions and an extensive network that addresses industry-specific requirements and can be trusted in times of high traffic to deliver a quality experience for customers.”
WARNING: Cybercriminals lurking
Whilst retailers are preparing their e-commerce systems for the high traffic expected on Black Friday, cybercriminals will be preparing to target it.
“With ransomware attacks constantly on the up – the FBI’s Internet Crime Complaint Center reported a 62% year-over-year increase in ransomware complaints from January to July 2021 – it’s vital that retailers using the cloud have sufficient backup and recovery solutions in place to ensure that all customer data is safe and secure. There’s no good time for a data breach, but the lead up to Christmas is definitely less than ideal!” emphasises Stuart Abbott, Area Vice President & General Manager, UK & Ireland at Commvault.
“Given the retail industry was reported as the second industry most attacked by ransomware this year, retailers must have a laser focus on security in their preparations for Black Friday. A ransomware attack on the day could be catastrophic,” agrees Chris Rogers, Technology Evangelist at Zerto, a Hewlett Packard Enterprise company.
Surya Varanasi, CTO of StorCentric, sees the focus of cyber criminals with large retailers: “While there is always a chance that ransomware will hit a smaller retail organization, the greatest likelihood is that it will target large organizations with operations, revenue and PII to protect, as well as the deepest pockets to pay.”
His colleague, JG Heithcock, General Manager of, Retrospect, agrees: “Today’s mid-to-enterprise class retail organizations manage complex IT operations that depend upon numerous technologies, distributed across the HQ datacenter and each remote location, to provide customer-facing and back-office functionalities. This creates a vast attack surface for the would-be cybercriminal that only needs to be right one time to get in, versus the datacenter management team that must be right every time, every day, in every way. Today, it is not a matter of ‘if’ ransomware will get in, rather a question of ‘when?’”
Ransomware is not the only threat to Black Friday. With the growth of payment methods such as buy now, pay later (BNPL), cybercriminals are handed another method to exploit customer data. As Martin Rehak, CEO of Resistant AI explains, “most BNPL offering only soft credit checks as part of the onboarding process, criminals can use false or stolen identities to purchase goods they have no intention of paying for and will no doubt sell on the black market. BNPL providers need to leverage Artificial Intelligence and Machine Learning in order to validate customer identity quickly and painlessly.”
Keeping the festive season merry and bright
No one wants to lose money, have their data stolen or be the victim of other fraudulent activity in the run up to Christmas. How can organisations protect their systems to avoid this from happening?
“Getting Black Friday right this year will mean being prepared in advance: making sure staff have the most suitable facilities — whether they’re working remotely or on the shop floor — and that workforce management programs are up to date,” explains Ian Rawlings, Regional VP EMEA at SumTotal.
Rogers adds, “retailers need to shift to a more pragmatic and strategic security approach that aims to ensure the organisation can recover fast from a cybersecurity event and get back to business as usual – with zero data loss. Once you’ve been compromised, prevention is no longer a viable protection strategy. By implementing tools that deliver disaster recovery and continuous data protection (CDP), IT teams effectively regain control of their destiny and can’t be held to ransom by external threat actors that are intent on disruption or extortion.”
“Taking a proactive approach to cybersecurity and having the measures in place to prevent attacks from penetrating your systems is the best way to ensure your organisation can enjoy the festive season without suffering a breach,” concludes Danny Lopez, CEO of Glasswall.
“Content disarm and reconstruction (CDR) technology can provide immediate protection as a threat attempts to penetrate an IT environment. Any attached files undergo an instantaneous, four-step process to scrub the document of any malicious code and make sure it is safe going into the network. This ultimately helps to create a digital environment where a threat cannot exist and keeps the holiday season merry and bright.”