As holiday sales surge, retailers face rising AI-driven cyber threats, highlighting the urgent need for preemptive, next-gen security strategies.
With Black Friday, Cyber Monday, and peak holiday shopping just weeks away, retailers anticipate record-breaking sales volumes — paired with a sharp surge in cyber risk. The massive flow of sensitive data, cloud file transfers, and third-party integrations makes this the most dangerous time of year.
Deep Instinct recently released the sixth edition of its Voice of SecOps Report, Cybersecurity & AI – Promises, Pitfalls, and Prevention Paradise, which sheds light on how leaders across seven industries, including the retail and eCommerce sector, are bracing for this challenge. The report reveals a clear warning: while AI is driving unprecedented productivity gains for retail security teams, it’s also exposing new vulnerabilities that legacy defenses can’t handle.
Our research found that 54% of retail security teams believe file-based attacks are a moderate or critical threat to their organization, with 53% concerned about weaponized files uploaded to local or cloud storage environments. This underscores the importance of preemptive data security across retail enterprises.
Here’s what else our Voice of SecOps data found when spotlighting the retail and eCommerce sector:
AI Is Powering Retail Ahead of Holiday Shopping
Retail cybersecurity teams are amongst the most aggressive adopters of AI, with 95% of retail respondents having deployed AI-powered security capabilities. In turn, they reported saving an average of 13 hours per week, outpacing the overall cross-industry average of over 11.5.
The sentiment is overwhelmingly positive: 78% of respondents say generative AI makes SecOps work easier, while just 8% say it makes their jobs harder. AI is emerging as a force multiplier for retail, especially during the peak sales season when speed and scale are critical.
The Retail Industry’s Cybersecurity Strategy Is Falling Behind AI Governance
Retailers aren’t ignoring AI risks — they’re embracing AI governance, especially with the holiday shopping season approaching. Nearly three-quarters (72%) of security teams have a dedicated group actively monitoring AI outputs, while the rest report at least some level of oversight. Executive pressure is mounting as well, with 53% noting increased board-level demand for stronger preventive measures compared to last year, as organizations prepare for the surge of Black Friday, Cyber Monday, and holiday sales activity.
But here’s the disconnect: while 51% of retail security teams have implemented AI-specific defenses (from governance frameworks to AI-driven detection), one in four (24%) admit their organization’s cybersecurity strategy has not changed to replace outdated, ineffective security tools over the past year.
In other words, AI governance is happening, but cybersecurity tools haven’t caught up. Retailers risk bolting AI controls onto outdated tools and playbooks instead of rethinking preventative defenses from the ground up.
EDR Alone Won’t Protect Retailers This Holiday Season
Three out of four (74%) retail respondents say their organization is focusing more on endpoint detection and response (EDR) this year compared to 2024. But EDR is reactive by nature, only catching attacks after they’ve already caused damage. In the high-stakes holiday shopping season, that delay can mean lost sales, irreparable customer trust, and lasting brand damage.
For retail CISOs, the message is clear: as adversaries increasingly weaponize AI, waiting to respond is no longer viable. The industry needs to move beyond chasing breaches, and instead, shift toward preemptive data security, a category Gartner recently defined as stopping threats in real time, minimizing exposure, and giving defenders the upper hand. Powered by advanced AI, most predominantly deep learning, preemptive data security solutions are able to detect and block both known and unknown threats in milliseconds, before they can do damage.
This holiday season, AI-driven preemptive security isn’t a nice-to-have — it’s the difference between a successful peak sales period and a costly breach.
For more information, please download the full 2025 Voice of SecOps Report by visiting https://www.deepinstinct.com/voice-of-secops-reports.
To learn more about protecting yourself from AI-driven threats, request a free scan to see preemptive data security in action across your environment.
Survey Methodology
Sapio Research surveyed 500 senior cybersecurity experts, including 76 from retail and eCommerce companies, with 1000+ employees in the U.S. The interviews were conducted online in April 2025 using an email invitation and an online survey. For this specific report, the C-suite is defined as those who hold chief, global, head of department, or director roles, while reports are those who hold a manager, administrator, analyst, team lead, or officer role.