Although\u00a0Willie Sutton denied having said it, we\u2019ve all heard the quote attributed to him\u00a0about\u00a0 why\u00a0he robbed banks: \u201cBecause that\u2019s where the money is.\u201d Nowadays, money\u00a0can be found\u00a0in lots of places other than banks, including the burgeoning\u00a0e-commerce\u00a0market. With online shopping estimated to exceed\u00a0$1.5-$2\u00a0trillion\u00a0once the year\u2019s receipts\u00a0are tallied, the e-commerce sector is an attractive target for\u00a0cyberthieves.\u00a0There\u2019s\u00a0more than money to be had by breaching\u00a0e-commerce\u00a0sites, of course. These sites often store payment card numbers and other sensitive customer data. Information of that type\u00a0can be sold as another route to getting money, or used for other\u00a0criminal\u00a0purposes, including identity theft.Complicating the challenges of securing\u00a0e-commerce\u00a0sites is their proliferation\u00a0combined\u00a0with the\u00a0variety of\u00a0ways in which\u00a0they\u2019re\u00a0used.\u00a0Even if the sites themselves have strong security protections, the devices accessing them and the networks carrying\u00a0e-commerce\u00a0often\u00a0don\u2019t. For example, individual stores have created their own\u00a0apps, which\u00a0can be\u00a0easily\u00a0compromised\u00a0if\u00a0they\u2019re\u00a0not\u00a0securely designed.\u00a0Most notable from a security perspective, however, is the increased use of mobile devices for online shopping. During 2016,\u00a060 percent\u00a0of transactions confirmed as fraudulent originated from a mobile device,\u00a0according to security firm RSA.With mobile transactions expected to outpace Web transactions for the first time during 2017, RSA also expects to see fraud to grow rapidly.\u00a0The fact that many users access\u00a0e-commerce\u00a0sites over free and unsecured Wi-Fi networks introduces another point of vulnerability in these online transactions.Helping to counter\u00a0the\u00a0increasing\u00a0mobility\u00a0risk will be a combination of biometric authentication technologies on mobile devices, along with risk-based transaction monitoring solutions.\u00a0For better protection against rogue Wi-Fi networks, customers can also turn to solutions such as those offered by\u00a0third party vendors.Beyond\u00a0mobility-specific security controls,\u00a0the portfolio of security\u00a0technologies\u00a0continues to grow\u00a0larger and become more sophisticated. Among the most important tools now available to\u00a0e-commerce\u00a0site operators are security information and event management (SIEM) systems and advanced threat and incident management (ATIM) systems and services.Given the volume of traffic and transactions at many\u00a0e-commerce\u00a0sites,\u00a0there\u2019s\u00a0no way human security analysts can monitor all of the events and activities occurring in real time. ATIM solutions can scan huge volumes of data looking for indicators of compromise as well as for multi-stage tactics, techniques and procedures. If they integrated ATIM outputs with SEIM systems, organizations\u00a0could\u00a0automate not just the identification of\u00a0cyberthreats, but also the initial response to\u00a0help\u00a0counter them.E-commerce\u00a0is too established and too popular to do anything but continue to grow.\u00a0E-commerce\u00a0sites will continue to attract the attention of\u00a0cyberthieves\u00a0and hackers, meaning that site\u00a0operators\u00a0should be among the most aggressive\u00a0when\u00a0it comes to deploying multi-layered and cutting-edge security protections.Dwight Davis has reported on and analyzed computer and communications industry trends, technologies and strategies for more than 35 years. All opinions expressed are his own. AT&T has sponsored this blog post.