Industry Insights Report reveals top cyber threats in the retail & hospitality sector

Vienna, VA (June 15, 2023) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today released the 2023 Retail & Hospitality Industry Insights Report, which analyzes cybersecurity trends in the consumer-facing sector. The report compares key takeaways from the Verizon Data Breach Investigation Report (DBIR) with RH-ISAC member data to provide additional context that helps benchmark the threat landscape against a wider community.

Key findings in the analysis reveal:

• Phishing, ransomware, and credential harvesting were key top threats reported and discussed in the RH-ISAC community, which aligns with top threats in the Verizon DBIR
• Denial-of-Service (DoS) attacks, while present, did not rank as a key threat reported or discussed by the RH-ISAC community, as opposed to being a top threat in the Verizon DBIR
• Member discussion of BEC attacks on sharing platforms increased over 2022, corresponding to the massive increases noted by Verizon
• Members focused heavily on defending against the Log4j vulnerability throughout the first half of 2022, aligning with defense activity reported by Verizon, which slowed as the industry moved to patch quickly
• Attacks targeting customer payment data are among the top concerns for RH-ISAC members, which aligns with the granular view of industry-specific metrics provided by Verizon

A copy of the full report is available to download here.