In the past, it was easy enough for retailers to just lock the doors to the store at night and arm the alarm system in order to prevent theft. Today as businesses, more specifically retailers, strive to be Omni-Channel businesses and engage with consumers 24/7/365, in whatever channel is convenient at that moment, locking the doors is simply not enough to keep their business safe. Now, stores are not just physical places, but virtual ones that can be accessed, and also breached, anywhere at any time and from multiple devices.
Taking a look at the current landscape of data security within the retail market, I’ve seen many businesses take the preventative approach to securing their data. This includes their adherence to standards, implementing up-to-date hardware and software, threat detection tools and securing business processes such as consistent security patching, monitoring, etc. On the other hand, there still continues to be many businesses that take a more reactionary approach to data protection, waiting only until their data has been compromised to work to find the possible breach. After the daily examples in the news of some of the major retailers in the United States being compromised, I’ve seen more and more businesses begin to realize that security is not a static condition; as new threats emerge or are identified, the industry and their business needs to react and evolve to the threat. Retailers need to monitor the security landscape and adjust the way they do business to maintain a secure environment and protect their customers’ sensitive personal data.
What Do Hackers Typically Want out of Retailer Data?
Depending on the objective, malicious hackers (and the ones that gain the most publicity) are usually trying to obtain credit card and/or personal info which they can then sell on the open market to people that use the data to commit fraudulent purchases and/or ID theft. A well-executed breach can obtain personal and payment information from millions of consumers resulting in huge expenses for the retailer.
A Gartner industry analyst estimated possible losses of over $400 million for Target, including reimbursing to banks the costs of reissuing millions of cards; fines from the card brands for PCI non-compliance, legal fees and credit monitoring for millions of customers.
[to continue, click HERE]