Targeting Threats with Precision

In today’s world of tap-to-shop and same-day delivery (now even 10-minute delivery!) digital convenience is as vulnerable as it is valuable. At the heart of this new retail landscape lies a fundamental question: Can retailers stay secure without slowing down? For Target, the answer is a multi-layered strategy that blends AI-powered defence, real-time threat intelligence, and a culture of collaboration. In this exclusive interaction with Minu Sirsalewala, Executive Editor, Dataquest, Visagan Subburayalu, VP, Cybersecurity and Infrastructure, Target in India, shares how it stays several steps ahead of cybercriminals, even when the rules of the game are constantly being rewritten.

What is Target’s overarching cybersecurity strategy and how does it create a proactive defence against emerging threats?

Our cybersecurity strategy is anchored in an intelligence-driven approach that focuses on three key capabilities: Cyber Solutions, Cyber Defence, and Cyber Risk. We create patented solutions tailored to our environment, leveraging advanced tools and technologies. By collaborating across the industry, we enhance our threat intelligence, allowing us to stay one step ahead of cyber threats.

Security is deeply embedded in our culture through mandatory training, awareness programs, and security-by-design in our tools. This holistic approach ensures we maintain a strong, adaptive security posture across the enterprise.

With seamless shopping across stores, online, and same-day delivery, security risks are everywhere: APIs, mobile apps, third-party integrations. What’s the toughest part of securing this hybrid retail experience, and how do you balance security with customer convenience?

The shift in shopping behaviour toward digital and contactless experiences has also changed the fraud landscape. Fraudsters have adapted, and we’ve had to evolve faster. Our challenge is to prevent fraud without creating friction for real guests.

We use a three-pronged strategy: researching criminal behaviour, preventing and detecting attacks, and rapid investigation and response. For instance, retail fraud rings now openly sell handbooks online; we track these patterns just like cyber threats. We’ve embedded custom fraud mitigation directly into the returns flow, allowing us to detect anomalies without interrupting genuine customers.

Our in-house engineering lets us respond in real time to evolving tactics. And more broadly, we view cybersecurity as a team sport — internally and across the retail ecosystem. Given the growing scope of organised retail crime, collaboration has never been more critical.

Retailers collect massive amounts of customer, payment, and behavioural data — a hacker’s dream. How does Target protect this sensitive data while ensuring privacy and compliance?

We operate a 24/7 Cyber Fusion Centre, staffed by in-house experts who monitor threats, assess risks, and engineer real-time solutions. Our top priority is protecting personal information while ensuring full compliance with applicable laws.

But we also know today’s risks extend beyond any single organisation. That’s why we actively collaborate across the ecosystem — with companies, industry groups like DSCI (Data Security Council of India), and even our competitors. Cybersecurity is not a competitive advantage — it’s a shared responsibility.

Hackers are using AI for deepfake scams, credential stuffing, and automated attacks. How is Target using AI-driven cybersecurity to defend against these evolving threats?

AI is transforming the threat landscape, especially in phishing and social engineering. Our Cyber Threat Intelligence (CTI) team tracks how cybercriminals are using AI to innovate faster than traditional defence mechanisms.

At Target, we combine data science and advanced AI analytics to monitor patterns, detect anomalies, and respond in real time. Our AI-driven approach helps identify risks before they escalate, ensuring our teams can act quickly. We also continue to integrate proprietary tools and external intelligence sources into our cybersecurity framework, allowing us to stay dynamic and responsive.

Looking ahead 3–5 years, what are some of the next big cybersecurity challenges that retailers should be preparing for?

Ransomware will remain a top concern, but its execution is evolving. We’re seeing cybercriminal operations mimic startup models — selling tools and playbooks, forming syndicates, and expanding into physical retail fraud: everything from gift card scams to loyalty program abuse.

The biggest challenge ahead? Staying proactive without losing focus on foundational threats. That requires continuous innovation, cross-sector intelligence sharing, and most importantly, a unified ecosystem approach.