Retailers are facing heightened cybersecurity risks due to the convergence of physical and digital worlds, increased regulation, and more sophisticated cybercriminals, prompting 30% of them to feel unprepared for future threats. As a result, the role of the retail Chief Information Security Officer (CISO) is expanding to encompass a broader range of responsibilities, including managing supply chain vulnerabilities and hardening attack surfaces for Internet of Things (IoT) devices. A key strategy involves upskilling teams to reduce human error, which has been identified as a primary cause of material breaches, and investing in Security Information and Event Management (SIEM) systems to improve response times to data breaches. The report highlights that effective supply chain risk management, prioritizing IT and OT asset protection, and enhancing cybersecurity training are critical in mitigating these risks. With 44% of retailers planning significant investments in IT and OT security and a focus on modernizing SIEM strategies, the industry is taking steps to adapt to the evolving cybersecurity landscape.