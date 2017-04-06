sponsored

Retail’s digital challenge hits home

Cybercriminals routinely target retail in hopes of stealing valuable customer information, such as credit card data. In fact, retail now suffers the most attacks per client of any industry sector and sustains three times as many attacks as the financial industry.

The problem has become so acute that 89 percent of cyberexecutives in the retail industry reported that their companiehad been compromised by attacks in the past 24 months. Retail cyberdefenses were generally in such disarray that researchers two years ago discovered it took an average of 197 days before the companies detected advanced threats on their networks.   

No longer on the backburner 

In 2007, just 26 percent of the companies surveyed by BDO’s Retail Risk Factor
reported cybersecurity as a potential risk to their business. Last year all of them did.  
 
Changes in technology and regulatory policy have also forced boardrooms to pay more attention to the problem.  
 

For instance, retailers and merchants now face added fraud liability as a result of rules imposed by the credit card industry late in 2015 requiring retailers to upgrade to modern card readers that accept EMV (Europay, MasterCard, Visa) chips. These systems, which are meant to enhance security, call for users to insert, not swipe, their cards. 

 

But they also move fraud liability away from banks to retailers who don’t add the new equipment. 

 

Meanwhile, the imposition of new data privacy regulations, here and overseas, raises the stakes for retailers to button up their cybersecurity defenses sooner, rather than later. A new European data protection law that takes effect next year will impact any retailer marketing to E.U. residents, even if they only do business over the internet. If the retailer’s digital protections fail, for example, a resulting data breach could leave the company vulnerable to stiff fines and lawsuits.  

In response, headway is being madeRetail spending on cybersecurity once lagged behind other major sectors, for example banks and healthcare companies. Despite the added expense, retailers are stepping up their investments in new technologies, such as their adoption of chip-and-PIN credit cards, and the result has been a decrease in the rate of credit card fraud. 

While retail IT security managers increasingly express confidence in their ability to face down new cyberthreats, they need to invest in a multilayered defense that has worked for other sectors. They also should install a full complement of breach detection technologies including anti-virus software, intrusion detection systems and malware detection.

  

At the same time, they need to review standing policies and procedures to eliminate weaknesses in their cyberdefenses. 

 

The same goes for patching software vulnerabilities and eliminating out-of-date products that pose security problems. 

 

Companies also need to make cybersecurity foundational and impress upon employees the urgency around good cybersecurity practices. 

 

The bad news is that retail is still viewed as low hanging fruit by cybercriminals. The good news is that it doesn’t take much to send the bad guys home empty-handed. 

 

Charles Cooper has covered technology and business for the past three decades. All opinions expressed are his own. AT&T has sponsored this blog post. 

Related:
How much is a data breach going to cost you?
You Might Like
Most Popular
turbotax deal
40% off TurboTax Deluxe 2016 Tax Software Federal & State - Deal Alert

No Tax Knowledge Needed. TurboTax will ask you easy questions to get to know you and fill in all the...

volitale up down market stocks mixed
Scottrade Bank data breach exposes 20,000 customer records

Scottrade Bank, a subsidiary of Scottrade Financial Services, Inc., recently secured a MSSQL database...

unlocked phones
Amazon Unveils Deep Discounts On Select Unlocked Phones, Tues and Wed Only -

If you're in the market for an unlocked phone, you'll save serious cash by buying one of these on...

BrandPosts
Learn more
Featured Stories
what it takes to become an application security engineer cover
What it takes to become an application security engineer

Application security engineers earn more money than application engineers and are in high demand, but...

headache man
Antivirus headaches that compromise browser security

Why web browsers leave security engineers constantly playing defense.

medical records laptop doctor
How to securely deploy medical devices

Open Web Application Security Project (OWASP) has released a set of best practices for the secure...

kevin mitnick
Cousin Kevin Mitnick, entrepreneur

Kevin Mitnick, entrepreneur and hacker, KnowBe4, chief hacking officer