Ciaran Hayes
Technical Solutions Lead Arrow ECS EMEA
August 15, 2025
4 Min
In this year alone, cyberattacks have hit multiple retailers resulting in hundreds of millions of pounds in losses. Many attacks exploit weaknesses in traditional VPNs—weaknesses that so many threat actors rely on to steal customer data, disrupt online orders and wreak havoc on operations. The impact on business is immediate—stock drops, systems stall and public trust wavers.
Retailers are especially vulnerable. They depend on e-commerce, third-party vendors and hybrid teams, all of which expand the attack surface. One stolen credential can unlock a web of systems—and when defenders rely on implicit trust within the network, it’s already too late. Some companies react by shutting down their systems. But that doesn’t solve the problem—it just grinds operations to a halt.
Preparation is the smarter path. Zero Trust Network Access (ZTNA) paired with Data Loss Prevention (DLP) offers a way forward: tighten access, secure sensitive data and keep businesses running, even under pressure.
Recent attacks exploited VPN vulnerabilities, still a common weak link in retail. Broad network access allows attackers to steal customer data (names, addresses, order histories) and disrupt operations, including e-commerce and supply chains.
With 56% of organizations experiencing VPN-related cyberattacks, these attacks reflect a broader trend: traditional perimeter-based security fails in today’s distributed, cloud-first world. Retail’s reliance on customer data and online platforms makes it an especially prime target.
Shutting down IT systems might seem like a fast fix, but it just disrupts operations further. Experience shows how such measures cripple business continuity, alienating customers and stunting revenue. Instead, prevention—not panic—using modern tools like ZTNA and DLP directly addresses core issues: overly broad access, limited visibility and weak data controls. These tools also support work-from-home (WFH) initiatives while maintaining compliance with regulations like the EU’s General Data Protection Regulation (GDPR).
ZTNA replaces VPNs with an identity-centric, “never trust, always verify” approach that reduces the attack surface. Instead of blanket access, users reach only specific apps based on identity, device and context. Continuous monitoring and microsegmentation stop lateral movement. Its cloud-native design also keeps remote access secure without slowing down your users.
DLP complements ZTNA by finding and classifying sensitive data across cloud, endpoints and SaaS platforms. It flags high-risk assets like customer databases and monitors data movement, such as downloads to personal devices. With a clear view of sensitive data, DLP ensures ZTNA policies target the most critical assets first, significantly reducing your risk of breaches. For example, DLP can flag GDPR-covered customer data, prompting stricter access controls to prevent theft.
Together, ZTNA and DLP secure remote users without compromising productivity. DLP finds where sensitive data lives (in Salesforce, for instance, or on the local network), while ZTNA restricts access based on identity and device context, blocking attackers even if credentials are stolen. Integration with SIEM tools enhances visibility for rapid incident response. Together, they detect insider threats, speed up response with SIEM integration and keep tools like Microsoft 365 secure. Yes, even on home Wi-Fi.
Rolling out ZTNA and DLP doesn’t have to be all or nothing. This phased approach helps build a comprehensive information security stac
ZTNA replaces VPNs with an identity-centric, “never trust, always verify” approach that reduces the attack surface. Instead of blanket access, users reach only specific apps based on identity, device and context. Continuous monitoring and microsegmentation stop lateral movement. Its cloud-native design also keeps remote access secure without slowing down your users.
Start with visibility. Deploy DLP to scan all environments—on-premises, cloud, endpoints and SaaS—for sensitive data. From a retail perspective, this will scan customer databases and loyalty programs as high-risk due to PII and GDPR exposure. In 1–2 months, you’ll have a prioritized asset inventory to guide ZTNA’s rollout.
Apply ZTNA to the assets flagged by DLP, using fine-tuned access controls. This can include securing e-commerce systems with MFA, device compliance and role-based access. ZTNA hides apps from the public internet and can revoke access if DLP detects risky behavior. This 2–3-month phase locks down critical systems with minimal disruption.
Test your setup with WFH groups who handle sensitive data, like customer support or third-party vendors. DLP monitors these users’ data interactions, while ZTNA enforces strict access rules. Setting aside 1–2 months for a pilot can help smooth adoption and address friction in user training.
Expand ZTNA and DLP to more assets and users over 6-12 months, using pilot feedback to refine policies. DLP’s ongoing monitoring updates the data inventory, while ZTNA scales to cover all work-from-anywhere scenarios. Integration with existing security tools (like SIEM tools) can further improve your threat detection and response.
Cyberattacks should be a wake-up call to action. As digital footprints grow, so do the stakes—and ZTNA’s ability to isolate apps, verify every access attempt and support remote work makes it a must-have. With implementation costs dwarfed by potential breach fallout, the investment is a no-brainer. GDPR fines, customer trust erosion and major business disruption aren’t risks worth gambling on.
The bottom line: Cyber attacks are inevitable, but preparation can prevent catastrophe. Together, Symantec ZTNA and DLP help secure your critical assets and enable WFH without resorting to extreme measures like shutting down systems. By starting with DLP to identify sensitive data and ZTNA to secure access, businesses can protect their crown jewels—customer data, e-commerce platforms and more—while maintaining operational continuity.
Now is the time to act: Test and adopt Symantec ZTNA and Symantec DLP to future-proof your organization, avoid the fate of recent victims and build a resilient, secure digital future. To get started, contact your local partner.