Retail now accounts for 22 per cent of all response engagements, up from 12 per cent the previous year, according to the annual Global Threat Intelligence Report.
The rise has been put down to shops processing increasingly large volumes of personal information such as credit card details.
The financial services sector has previously been identified as ideally suited for cyber criminals.
Companies have generally found to be increasingly reporting data breaches. Investigations are up to 28 per cent of all attacks compared to 16 per cent the previous year, with many incidents focused on theft of data and intellectual property.
Worryingly, the latest survey figures indicate only a slight increase in organisations that are not properly prepared, despite the rise in security attacks and data breaches.
The report compares threat trends since 2013 and 2016 and has found little improvement in preparedness with on average 77 per cent of organisations being labelled as unprepared.
There have recently been a number of high profile and costly data breaches at UK companies.
Garry Sidaway, vice president at report authors NTT Com Security, blamed security fatigue from too many high profile security breaches, information overload and conflicting advice – combined with the sheer pace of technology change, lack of investment and increased regulation. He said:
Prevention and planning for cyber security incidents seems to be stagnating. This is a real concern. Facing security challenges that didn’t exist last year, let alone a decade ago, and struggling with a shortfall in information security professionals, many organisations no longer have the necessary skills or resources to cope.
The report also warned over the rising threat from within businesses and phishing attacks.
Internal threats jumped to 19 per cent of overall investigations – from just two per cent in 2014. Many of these were found to be the result of employees and contractors abusing information and computing assets.
So-called phishing attacks, tricking companies into revealing information, accounted for approximately 17 per cent of incident response activities in 2015, up from two per cent previously.
Many of these attacks were found to target executives and finance personnel.