Whether its online or in person, Americans love shopping. We swipe our credit cards at the register on the weekdays and peruse the latest e-commerce deals on the weekends. We just can't seem to get enough - and we expect these businesses to keep our information safe.
But truth be told, retail companies are a prime target for hackers and cyber crooks. That's because retailers house a trove of customer data including personal and financial information.
Did you know that nearly one in three retailers has suffered revenue losses as a result of a cyberattack? It's time for retailers to step up and protect themselves from these digital threats. Don't become another statistic. Invest in cybersecurity insurance from CyberPolicy today!
Hacking Your Favorite Stores
Recently, Kmart (a retail chain owned by Sears Holding Corp.) was struck by a malicious cyberattack that involved unauthorized credit card activity following certain customer purchases. While the details are still under investigation, Kmart assured its customers that no personal information was stolen, and only credit card numbers had been compromised. Similar incidents have struck Target, Home Depot and Macy's.
According to Retail Dive, only half (52 percent) of retail organizations consider their security infrastructure up to date. That's not ideal. It's very important that retailers understand the various attack vectors hackers use to infiltrate their systems. Below are just a few examples.
Multichannel: It's difficult to effectively monitor data security because retail businesses sometimes employ a multichannel strategy to engage customers and share data across various locations, stores and departments. The unfortunate downside to this is that hackers can sometimes steal data in transit if it's not encrypted, or they can hack a single employee and use their access to pinch the information they need. Instead, retailers should silo their data to prevent unbridled access from compromised employees.
Outdated Infrastructure: Some retailers are stuck with aging systems due to having limited funds to invest in IT infrastructure, which can lead to security gaps and more problems down the line. Businesses should either bite the bullet and budget for more robust systems or hire an external security agency to monitor these antiquated systems. It might be pricey, but it's better than losing thousands of dollars and customer confidence.
Internet of Things: IoT technologies are an exciting advancement, but they are also notoriously lacking in security protocols. This can cause big problems including an increase in distributed denial-of-service (DDoS) attacks, remote monitoring and compromised smart sensors. If retailers do use IoT technologies, they should be sure to prepare for incidents early on.
Ransomware: For those who don't know, ransomware is a form of malware that locks legitimate users out of a device or service until a ransom is paid (often in the form of a Bitcoin transaction). Ransomware attacks have surged in 2017, threatening businesses of all sizes. Retailers can stymie this by hosting cybersecurity trainings for their staff, urging everyone to avoid opening suspicious emails, attachments, links and downloads.
Point of Sale: EMV chips offer encryption on in-person sales, but there still exists POS vulnerability for online shoppers. The best way to stop this is to employ automated threat detectors that will flag questionable activities such as using multiple credit cards and user accounts to purchase high-priced goods to a single address.
Still, there is no perfect security solution; which is why smart retailers ought to invest in cybersecurity insurance from a reputable provider. Visit CyberPolicy for your free quote!