RESEARCH REPORT

In brief

In brief

  • While technology enables retail and hospitality sectors to better use data to achieve customer service and personalization, they also create risk.
  • Accenture Security iDefense has partnered with the Retail & Hospitality-ISAC to overview the threats and examine threat activity.
  • But this report isn’t just a review of recent threats, it also looks ahead as companies deal with cyber threats during COVID-19.
  • Information from this report can be used to grow trust-based relationships, strategic knowledge and tactical capabilities.


The retail and hospitality sectors face a diverse pool of cyber threats, influenced by the industry’s value chains, the changing business environment and expanding adversary motivations.

Cyberthreats referenced in the Retail and Hospitality Threat Trend Report run congruent to those experienced during the current COVID-19 crisis, focusing on spaces where potential targets are concentrated, such as e-commerce (consumers) and developing across spaces where potential targets are migrating such as remote workforces and cloud.

Accenture and RH-ISAC are teaming to help retailers and hospitality companies to advance security capabilities, be better informed, and stay one step ahead of sophisticated cybercriminals.

Key themes

With a focus on current and emerging threat trends, this report can be leveraged across various levels of a firm’s cybersecurity leadership to inform business strategy, adversary simulation and threat intelligence priorities. In doing so, the report focuses on the following themes:

  • General trends in cyber threat activity.
  • Cybercriminal groups reuse and elevation of TTPs.
  • The professionalization of the cybercriminal value chain.
  • Continued cyberattacks against hospitality.
  • Expanding market for retail return fraud.
  • Call to action – what your firm can do to disrupt these threats.
The retail and hospitality sectors face diverse cyber threats, influenced by the industry’s value chains, changing business environment and expanding adversary motivations.

Call to action

With a wide variety of cyberthreats to defend against, from ransomware to fraud, retail and hospitality organizations need to prioritize tracking and mitigating risks associated with cyber threats of greatest consequence to their environment. This effort can be aided by pursuing some of the following actions:

  • Information sharing with peers.
  • Tracking cross-sector threats and ripple affects in Retail and Hospitality sectors.
  • Expand adversary simulation to third parties and critical points of failure.
  • Establish a cyber-fraud operating model.

CJ Cui

Managing Director—Retail Security


Rikki George

Senior Principal—Retail Cyber Threat Intelligence

MORE ON THIS TOPIC

State of Cyber Resilience report
Securing the digital economy
Securing customer trust

Subscription Center
Stay in the Know with Our Newsletter Stay in the Know with Our Newsletter