In 2025, you can buy groceries on your lunch break and pick them up on the way home. Click-and-collect has transformed the retail experience, blending the convenience of online shopping with the immediacy of in-store pickup. But what happens when the system behind it breaks down?

Marks & Spencer recently found out. Following a major cyber attack, its click-and-collect services were suspended. Online shopping was halted. In-store inventory ran low. The convenience turned into chaos.

“Online shopping has completely transformed retail,” said Sir Charlie Mayfield, former chairman of John Lewis, on BBC Radio 4’s Today Programme.
“As technology becomes more pervasive, the risk of this kind of attack rises with it.”

The click-and-collect model, once seen as an innovation in fulfilment, has also introduced a new layer of cyber risk, where digital complexity meets real-world dependency.

The Rise of Click and Collect… and Its Risk Surface

Click-and-collect sounds simple: order online, pick up in store. But behind that smooth experience lies a deeply integrated web of systems:

  • Customer apps and e-commerce platforms

  • Inventory management and fulfilment software

  • Warehouse and store coordination tools

  • Payment and refund systems

  • Customer notification systems (email, SMS, app alerts)

Every connection point introduces another vulnerability. A ransomware attack that locks backend servers or encrypts fulfilment databases can halt the entire process, just as it did at M&S.

At Cyber Tzar, we often find that organisations underestimate how many third-party systems and suppliers are embedded into their fulfilment flows, increasing exposure across every link in the chain.

When the digital supply chain breaks, so does the physical one.

From Convenience to Critical Infrastructure

Retailers once treated click-and-collect as a nice-to-have. Now, it’s core business. For many customers, especially post-pandemic, it’s the default.

That shift means outages are no longer just inconvenient; they’re commercially damaging. Downtime hurts revenue, erodes customer trust, and cascades across other channels (e.g., online traffic spilling into understocked physical stores).

Cybercriminals know this. That’s what makes fulfilment models so appealing to attackers: the pain of disruption is immediate and public.

Cyber Tzar works with retailers to stress-test these fulfilment dependencies—identifying which services can cause cascading failure, and which vendors introduce lateral risk into your edge environment.

Edge Computing: A Double-Edged Sword

Many click-and-collect systems depend on edge computing, which processes data closer to the store or customer rather than relying solely on central servers. This can improve speed and resilience, but it also means more devices, endpoints, and access routes to protect.

Each store might have:

  • Local point-of-sale (POS) systems

  • Handheld inventory devices

  • Smart shelves or stock sensors

  • Integrated staff scheduling and alerts

Every edge node is a potential entry point. More Edge = More Attack Surface = More Risk, if not properly secured and monitored.

Cyber Tzar’s platform enables real-time visibility across distributed systems, helping organisations model lateral movement risk and isolate insecure endpoints, especially in fast-moving retail environments.

Interdependencies Create Fragile Chains

Click-and-collect sits at the intersection of multiple systems: logistics, IT, web development, customer service, and local store operations. That makes it vulnerable to cascading failure.

An attacker doesn’t need to breach all of it—just enough to cause ripple effects. A compromise in customer notifications could lead to missed pickups. A poisoned inventory feed could cause stockouts or overselling. A frozen fulfilment centre could grind an entire region’s orders to a halt.

Understanding these interdependencies—and modelling how failure propagates through them—is key to building true cyber resilience.
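
One way to model that propagation, as an added example (not Cyber Tzar's tooling or any retailer's real architecture): a dependency map of the click-and-collect systems named above, walked to find everything that stops working when a single node fails. The service names, the edges between them, and the rule that a service fails when any one of its dependencies fails are all assumptions made for illustration.

```python
from collections import deque

# Constructed dependency map (assumption, not a real retailer's architecture):
# each service lists the services it needs in order to work. A service is
# treated as failed if ANY dependency fails (no redundancy is modelled).
DEPENDS_ON = {
    "customer_app": ["ecommerce_platform"],
    "ecommerce_platform": ["inventory_mgmt", "payments"],
    "inventory_mgmt": ["fulfilment_db"],
    "fulfilment_software": ["fulfilment_db", "inventory_mgmt"],
    "store_coordination": ["fulfilment_software"],
    "handheld_devices": ["store_coordination"],
    "notifications": ["fulfilment_software"],
    "store_pickup": ["handheld_devices", "notifications"],
    "payments": [],
    "fulfilment_db": [],
}


def dependents(graph):
    """Invert the map: for each service, which services rely on it directly."""
    rev = {name: set() for name in graph}
    for svc, deps in graph.items():
        for dep in deps:
            rev[dep].add(svc)
    return rev


def blast_radius(graph, failed):
    """Return every service that stops working when `failed` goes down."""
    rev = dependents(graph)
    impacted, queue = set(), deque([failed])
    while queue:
        for svc in rev[queue.popleft()]:
            if svc not in impacted:
                impacted.add(svc)
                queue.append(svc)
    return impacted


def rank_by_impact(graph):
    """Sort services by how many others fail with them, largest first."""
    scores = {svc: len(blast_radius(graph, svc)) for svc in graph}
    return sorted(scores.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    for svc, count in rank_by_impact(DEPENDS_ON):
        print(f"{svc:22} takes down {count} other service(s)")
```

In this constructed map the fulfilment database has the widest blast radius, while a notifications failure reaches only store pickup, which matches the missed-pickup scenario described above.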

So What Can Retailers Do?

  • Map the Attack Surface
    Understand which systems support click-and-collect, where they’re hosted, and who manages them.

  • Secure the Edge
    Apply protection to store devices and handhelds, not just central servers.

  • Segment the Network
    Limit lateral movement between customer-facing and fulfilment systems.

  • Test for Disruption Scenarios
    Know what happens if each critical node fails. Rehearse it.

  • Communicate Transparently with Customers
    Silence erodes trust faster than delay. Prepare the messaging in advance.

Cyber Tzar supports retailers in implementing this resilience approach, turning complex fulfilment chains into visible, measurable systems with clearly modelled risk.

Conclusion: Complexity Without Resilience Is a Risk

The retail revolution was always going to be digital. But as the sector built for speed and convenience, it also introduced complexity. That complexity, left unprotected, is now a threat vector.

Click-and-collect isn’t going away, but retailers must treat it like the critical infrastructure it has become. Because when customers are left waiting for orders that never arrive, they don’t just blame the system. They blame the brand.

Cyber Tzar helps retailers defend the infrastructure behind customer convenience by mapping fulfilment exposure, modelling cascading risk, and benchmarking resilience across their digital estate.
Don’t let edge complexity become your next headline.

👉 Protect your fulfilment model at cybertzar.com
