Voice of SecOps Spotlight: ’Tis the Season for Online Sales—and AI-Fueled Cyberattacks

As vacation gross sales surge, retailers face rising AI-driven cyber threats, highlighting the pressing want for preemptive, next-gen safety methods.

With Black Friday, Cyber Monday, and peak holiday shopping just weeks away, retailers anticipate record-breaking sales volumes — paired with a sharp surge in cyber risk. The large movement of delicate information, cloud file transfers, and third-party integrations makes this the most harmful time of yr.

Deep Instinct not too long ago launched the sixth version of its Voice of SecOps Report, Cybersecurity & AI – Promises, Pitfalls, and Prevention Paradise, which sheds mild on how leaders throughout seven industries, together with the retail and eCommerce sector, are bracing for this problem. The report reveals a transparent warning: whereas AI is driving unprecedented productiveness positive aspects for retail safety groups, it’s additionally exposing new vulnerabilities that legacy defenses can’t deal with.

Our analysis discovered that 54% of retail safety groups consider file-based assaults are a reasonable or important risk to their group, with 53% involved about weaponized recordsdata uploaded to native or cloud storage environments. This underscores the significance of preemptive data security throughout retail enterprises.

Here’s what else our Voice of SecOps information discovered when spotlighting the retail and eCommerce sector:

AI Is Powering Retail Ahead of Holiday Shopping

Retail cybersecurity groups are amongst the most aggressive adopters of AI, with 95% of retail respondents having deployed AI-powered safety capabilities. In flip, they reported saving a median of 13 hours per week, outpacing the total cross-industry common of over 11.5.

The sentiment is overwhelmingly optimistic: 78% of respondents say generative AI makes SecOps work simpler, whereas simply 8% say it makes their jobs more durable. AI is rising as a power multiplier for retail, particularly throughout the peak gross sales season when velocity and scale are important.

The Retail Industry’s Cybersecurity Strategy Is Falling Behind AI Governance

Retailers aren’t ignoring AI dangers — they’re embracing AI governance, particularly with the vacation buying season approaching. Nearly three-quarters (72%) of safety groups have a devoted group actively monitoring AI outputs, whereas the relaxation report at the very least some degree of oversight. Executive stress is mounting as effectively, with 53% noting elevated board-level demand for stronger preventive measures in comparison with final yr, as organizations put together for the surge of Black Friday, Cyber Monday, and vacation gross sales exercise.

But right here’s the disconnect: whereas 51% of retail safety groups have applied AI-specific defenses (from governance frameworks to AI-driven detection), one in 4 (24%) admit their group’s cybersecurity technique has not modified to exchange outdated, ineffective safety instruments over the previous yr.

In different phrases, AI governance is occurring, however cybersecurity instruments haven’t caught up. Retailers threat bolting AI controls onto outdated instruments and playbooks as an alternative of rethinking preventative defenses from the floor up.

EDR Alone Won’t Protect Retailers This Holiday Season

Three out of 4 (74%) retail respondents say their group is focusing extra on endpoint detection and response (EDR) this yr in comparison with 2024. But EDR is reactive by nature, solely catching assaults after they’ve already brought about harm. In the high-stakes vacation buying season, that delay can imply misplaced gross sales, irreparable buyer belief, and lasting model harm.

For retail CISOs, the message is obvious: as adversaries more and more weaponize AI, ready to reply is now not viable. The {industry} wants to maneuver past chasing breaches, and as an alternative, shift towards preemptive information safety, a class Gartner not too long ago outlined as stopping threats in actual time, minimizing publicity, and giving defenders the higher hand. Powered by superior AI, most predominantly deep learning, preemptive information safety options are in a position to detect and block each identified and unknown threats in milliseconds, earlier than they will do harm.

This vacation season, AI-driven preemptive safety isn’t a nice-to-have — it’s the distinction between a profitable peak gross sales interval and a pricey breach.

For extra data, please obtain the full 2025 Voice of SecOps Report by visiting https://www.deepinstinct.com/voice-of-secops-reports.

To study extra about defending your self from AI-driven threats, request a free scan to see preemptive information safety in motion throughout your surroundings.

Survey Methodology

Sapio Research surveyed 500 senior cybersecurity specialists, together with 76 from retail and  eCommerce corporations, with 1000+ workers in the U.S. The interviews have been performed on-line in April 2025 utilizing an e mail invitation and an internet survey. For this particular report, the C-suite is outlined as those that maintain chief, international, head of division, or director roles, whereas reviews are those that maintain a supervisor, administrator, analyst, workforce lead, or officer function.

The submit Voice of SecOps Spotlight: ’Tis the Season for Online Sales—and AI-Fueled Cyberattacks first appeared on AI-Tech Park.