From the Cash Register to the Cloud: The Changing Face of Security in the Retail Sector
Data security is playing an increasingly important role when it comes to the retail industry and its day-to-day operations. It's especially important for retailers as it embodies customer and payment transactions, data entry, and houses inventory and personal information throughout your entire infrastructure. While security is currently not a top priority for retailers, many of which are struggling to keep themselves afloat, it should definitely be on the forefront as they begin to open in phase two.
So, how can retail organizations help combat increasingly complex cyberattacks, especially when many companies are focused on COVID-19? Recent findings from the Verizon Data Breach Investigation Report (DBIR) highlighted that over 70 percent of breaches in 2019 were caused by outsiders. The report also found that new technologies and web applications are beginning to be detrimental to retailers when it comes to protecting the livelihood of their businesses.
Changing Landscapes
Over the last six years, attacks have made a shift away from point-of-sale devices and towards web applications, which are known to be the leading cause of breaches. As more retailers shift to cloud-based services, it’s important to be mindful of web applications as a majority of data breaches seem to be stemming from two main action varieties: the use of stolen credentials and the exploitation of vulnerable web app infrastructure. This year, the DBIR found that over 40 percent of top hacking varieties were caused through the use of stolen credentials.
As more retailers begin shifting to e-commerce and other online shopping variations, experts are seeing an increase when it comes to payment data breaches. While the retail industry isn't subject to some of the political espionage and other motivations surrounding breaches, insights show that over 99 percent of incidents last year were financially motivated. Even though payment data is the most commonly lost data type, personal and credentials also continue to be highly sought after. While this number can be shocking for many retailers, there are measures that businesses can take to ensure that they're protecting the core of their business.
What Can Retailers Do?
To help ensure that your company’s data is stored and protected, retailers should take the following steps and communicate with their employees to help mitigate risk:
- Implement a Security Awareness and Training Program: Educating your staff and the people within your organization is the best way when it comes to protecting the core of the business and its data. Make sure your organization has a plan of attack and proper policies in place in case a data breach occurs.
- Email and Web Browser Protection: Taking the proper measures to help lock down browsers and filter through privacy settings can help significantly limit your risk of a data breach.
- Limitation and Control of Network Ports, Protocols and Services: Understand what services and devices are on your system. Limiting control on external ports and devices can help further secure your business
Although security isn’t unimportant, it’s taken a back seat as business owners shift priorities to keeping their doors open and optimizing e-commerce performance. By keeping security top of mind, retailers will begin to see an increase in productivity while ensuring that their business is financially protected.
Michele Dupré is a group vice president at Verizon Business Group, and is responsible for enterprise customers in the retail, hospitality and distribution verticals as well as customers headquartered in Canada.
Related story: How to Stay One Step Ahead in Retail’s Shifting Cybersecurity Landscape
Michele Dupré is a group vice president at Verizon Enterprise Solutions and is responsible for enterprise customers in the Retail, Hospitality & Distribution Verticals as well as customers headquartered in Canada. In this capacity she is responsible for maintaining and growing a base of more than 160 vertical enterprise customers and over 1000 customers in Canada.
In her role, Michele is charged with driving sales strategy while focusing on acquiring new customers, increasing profitable revenue growth and maintaining the global customer base. Additionally, Michele leads the development and growth of her enterprise leadership and sales team.
Michele’s organization is comprised of sales, sales operations and support personnel who drive business solutions including network and managed services, security, mobility, collaboration, professional services and outsourcing.
Previously, Michele was group vice president for enterprise customers for the Central U.S. Region. With revenue responsibility in excess of $1B and over 3000 accounts she led one of the largest areas in the U.S. In her prior role she was area vice president for enterprise customers in Illinois & Wisconsin and had revenue responsibility in excess of $500M. Before that, she was a branch vice president of Sales for Premier Accounts where she led a team of sales and service professionals responsible for some of the largest global and Fortune 100 Customers’ in Chicago and Wisconsin.
Michele started her career with the legacy company, MCI, in 1988 and has over 25 years of industry experience. Based in Chicago, Michele is also a noted contributor to media publications including Women’s Wear Daily, CNBC.com, USA Today and Forbes among others.