Retailers Are The Second Most Targeted Sector For Cyber Criminals. What Is The Industry Doing About It

+ more

Retailers are being hacked at a high volume with around 52% suffering some kind of cyberattack, according to the Thales Data Threat Report on Retail.[1] While retailers are ramping up spending for security, with 77% increasing it, they are still a huge target. In fact, they are the second most targeted sector after government. Why? Because cybercriminals want consumer information, and sometimes retailers are just making it too easy for them to steal it.

Has Retail Learned Nothing from the Target Breach?

It’s been nearly five years since one of the largest retail breaches in history occurred. It impacted 41 million consumers and cost Target $18.5 million. While it was a third-party vendor that allowed the hackers in, Target was still vulnerable on its own around logging and authorizations. Before the Target breach, the retail space as a whole was woefully unprepared. The retail infrastructure has only expanded since then. Retailers collect more data, use cloud storage more than ever, and have added Internet of Things (IoT) devices to their networks. This gives cybercriminals even more opportunity.

The need for better encryption and security methods is obvious. But with cyber attacks and breaches making regular headlines, what are retailers doing now to thwart this risk?

Shifting from Reactive to Proactive

Retailers have long been concerned about shrinkage in the physical sense and have developed sophisticated workflows to reduce it. They need to turn that same obsession to their digital footprint. Because data breaches can be much costlier than shrinkage, hitting profits and their reputation.

The top things retailers should consider are:

  • Strengthen domain and network security
  • Establish strong password policies
  • Keep software updated, as this is a typical “doorway” into networks
  • Segment networks and group by the sensitivity of the information
  • Employ ethical hackers to find weaknesses
  • Educate employees about cybersecurity (human error continues to be a weak link and the leading entry point)

Hackers won’t stop pursuing retailers and their treasure trove of data. Retailers must shift to a proactive rather than reactive approach to cybersecurity. Their information security focus needs to be on prevention rather than mitigation. When retailers commit to this and enact these six practices, the target on their back may begin to fade.

[1] https://dtr-retail.thalesesecurity.com/

Latest

Track to the Future: Array Technologies Achieves ISO 9001:2015 Certification
April 20, 2021
Array Technologies recently completed its ISO audits and ISO certification. This exciting step in Array Technologies' growth was the main topic of conversation for this episode of Track to the Future. Travis Read more
Experience Evolution: A JRNI through Experiential Relationship Management
April 20, 2021
 JRNI is a platform for scheduling and managing personalized experiences for retail, banks, credit unions and other financial institutions. John Federman, JRNI’s CEO, helped kick off the inaugural episode of the Read more
E2B: Energy Industry Cybersecurity Threats In The Digital Age
April 20, 2021
  Are energy companies taking cybersecurity seriously? Are they shifting focus to application security? E2B host Daniel Litwin speaks with Dan Cornell, Chief Technology Officer of the Denim Group and Kent Read more