With the UK’s National Cyber Security Centre reporting a 50% jump in cybersecurity incidents in the past 12 months alone – and high-profile attacks on businesses including the Co-op and Harrods – retailers are having to think seriously about continuity planning. IBM’s 2025 Cost of a Data Breach Report also found that the average global cost of a breach is $4.44M.
At the same time, most customer touchpoints in retail are now powered by marketing technology. Whether it’s CRM platforms, email automation, AI chatbots, SEO tools or social media, martech has become the de facto connection between retail brands and consumers, especially for managing the Holy Grail of customer data.
Go deeper with GlobalData
Discover B2B Marketing That Performs
Combine business intelligence and editorial excellence to reach engaged professionals across 36 leading media platforms.
That’s problematic on two levels: first, martech is how retailers communicate with people in the event of a cyber incident; and second, what happens to trading and customer trust when the marketing stack itself goes dark?
The truth is that marketing continuity must be treated as a critical part of cyber-resilience. Without the right martech and processes in place, the long-term brand and reputational risks can be as costly as short-term income loss.
Customer communication matters
Crisis communication can no longer be divorced from martech strategy. In the event of a data breach or related incident, retailers must have processes in place to keep customers informed. Crisis management is not simply a strategic PR issue when martech is the delivery mechanism.
With that in mind, is customer data up to date and capable of reaching everyone it needs to? It’s usually held in the CRM platform – which makes that tool as much about business continuity as it is about sales and marketing.
US Tariffs are shifting - will you react or anticipate?
Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.
By GlobalDataThere’s a strong argument that it should, at least in part, sit within the continuity budget. Better customer data flow is a business-critical investment that delivers value across multiple departments.
Gartner research suggests organisations are using only a third of their martech stack, which is a good starting point for reassessment. Investment in data and fit-for-purpose technology can lead to better utilisation and keep sales and marketing moving even during an attack.
This may involve investing in dark tools or remote servers that help the business stay operational during an incident, but it could also become a lever for attracting and retaining customers. Cyber-attacks are not going away – they’re becoming more common – and people are watching to see which retailers respond well.
Automation is not always best
There is a tendency to rely on automated communications, but this can backfire during a cyber-attack. Customers should not receive emails promoting a BOGOF offer if the ecommerce site is down, just as airlines should not send SMS messages or push notifications asking how a holiday went if flights were cancelled due to a volcanic eruption.
The human touch still matters, even in automated workflows. Without proper thought, retailers risk appearing insensitive. This is why developing a flexible approach is so important.
Customers are not homogeneous, either. Shoppers in the UK should not receive warning messages about an incident affecting only the US arm of the business. It’s avoidable damage to brand reputation.
Protecting the castle
As the NCSC warns, these incidents are not going away. Most experts consider them almost inevitable. The old idea of a cybersecurity “moat” no longer applies – the focus is now on reducing points of entry and limiting damage once an intruder is inside.
A poorly designed martech stack can be one such entry point. Too many retailers have martech “Frankenstacks”: a haphazard mix of systems and platforms that don’t talk to each other or replicate the same functions, often with shiny new AI tools bolted on top. Within these stacks may lie legacy systems that are vulnerable because they aren’t monitored or updated.
Intruders have a clear incentive to target these stacks: customer data. That’s a compelling reason to audit what data is truly necessary. Removing data that isn’t needed – particularly from older systems – reduces vulnerability and can significantly cut storage costs.
Retailers should also examine the third-party technology they rely on. While the latest AI tool may be the flavour of the month, it’s worth questioning whether it genuinely adds value. Every piece of third-party tech represents another potential doorway into the castle.
Marketing resilience
Much has been written about Marketing Experience (MX) – how marketing teams use their growing number of tools, processes and platforms. When it comes to cyber-resilience, MX can include everything from analogue backups to faster decision-making and cross-functional planning.
The martech stack is not only a potential security risk in itself; it’s at the heart of how retailers respond to incidents. The more efficient, effective and secure the stack – and the data within it – the more resilient a retail business will be when the hackers come knocking.
About the Author: Steve Kemish is the CEO of Intermedia Global, a data-led B2B marketing agency.
