More Than Half: The Story of Cyber-Attacks and Global Organizations in 2017
Three words. It might not seem enough to cause a rethink of your 2018 cyber-security strategy, but it should. Why? Because according to the latest Forrester report, “Top Cybersecurity Threats for Retailers in 2018,” attackers breached more than half of all global enterprises in 2017.
More. Than. Half.
With cyber-criminals enjoying that level of success, you can be sure that cyberthreats will not slow down any time soon. To best protect yourself (and join the select group of organizations that are not breached), it’s important for retailers to first understand three key takeaways from Forrester’s report:
- Omni-channel functionality is becoming a ‘must have,’ but it also increases the surface area for attackers to exploit.
- Ransomware is the fastest growing malware threat, and retailers must guard against an attack on their essential technology, such as POS systems.
- Considering the sheer number of organizations that are impacted by breaches, having a committed, thorough response plan prepared in advance is essential.
With these takeaways in mind, it’s worth considering the active role retailers must take in protecting their own organizations as well as customers. It might seem a daunting task, but a good place to start is to review these top five emerging threats faced by all retailers, and how best to prevent them.
- Omni-channel Fulfillment Capabilities: A Gift to Your Customers… and Hackers – Customers want better experiences, less friction and the ability to pay the way they choose. Unfortunately, they also expect that retail merchants keep them safe. Retailers must train in-store staff to act as guardians of merchandise and information, with a strict verification policy put in place and enforced. Secret shoppers can be a great way to test the strength of this system.
- Another Company’s Breach Could Become Your Problem – When another organization is breached, the stolen data can create a ripple that engulfs your organization. Criminals with access to compromised accounts can commit fraud, which can cost you in real dollars and brand equity. The intelligent use of friction, that is, adding verification, or monitoring customer data for fraud and insights about unusual activity, can limit the impact of compromised accounts (and keep you out of the headlines).
- Non-Card-Based PII Data: The Hacker Magnet – Personalization is a tremendous tool, but for it to be effective you must first have a wealth of personalized identity information (purchase history, demographic profile, Wi-Fi history, etc.). And guess who would love to have drivers’ license numbers, social security numbers and cell phone data? Hackers throughout the world. Retailers must treat this information as the lifeblood of their organization, because in many ways, it is. Tokenize, encrypt and restrict access to this information.
- Ransomware is Holding the Digital World Hostage – Ransomware has quickly become the hacker’s new best friend, with Forrester reporting more than 4,000 attacks have occurred daily since January 1, 2016. If successful, hackers can potentially disrupt an entire operation (imagine that on Black Friday), so security teams must develop an incident response plan to ensure that any downtime is limited.
- Protecting Your Brand Offline – Unfortunately, the odds are that the majority of organizations will be breached. If this happens, you must respond in a way that shows customers you care. Being upfront and transparent about a breach, its impact and your plans to remediate the situation will go a long way toward rebuilding the relationship with your customers. Have this plan in place so you’re not scrambling to react should a breach occur.
Want to avoid joining the “More Than Half”? Visit booth #2753 at NRF Retail’s Big Show, New York City, Jan 14-16 to talk to our experts about cybersecurity and find out how you can receive a complimentary copy of the full Forrester report.
Related Blog Posts
Consumer Payments: Will ‘Request for Payment’ Be the Next 'Big Thing'?
This week, NatWest announced that it has teamed up with British mobile phone retailer Carphone Warehouse to trial a new online shopping system that lets customers pay directly through their bank account, without using a debit or credit card.
Money20/20 Europe: A Payments Extravaganza and a (figurative) Carnival of Sorts (to borrow from R.E.M.)
According to the Googles, “payments” translates as “betalingen” in Dutch. And if I’m using the word correctly, betalingen is on full display! Last week, Amsterdam brought many highs (and not of the stereotypical Amsterdam variety), very few lows (Antonio Banderas as a no-show, unexplained flight delays both departing and returning), a couple of surprises (Stu co-winning the Payments Race, celebrating Mark’s fake birthday) and some great memories. In addition to our presence at the ever-lively Money20/20 Europe, we hosted a corporate event commemorating our 20th anniversary in the Netherlands—welcoming regional ACIers and customers alike (and enjoying a most densely delicious and decorative cake).
A Rocky Mountain High on Payments Innovation
We were so high last week; in fact, we were a figurative mile high… in sunny Denver for our annual ACI Exchange user conference. And among the myriad highs during the week was our own ‘Un-conference,’ which generated major buzz that sparked an enormous appetite for some tasty innovation. Some of the ideas generated included the following:
Telcos Must Walk Before They Run When It Comes to Mobile Payments Innovation
The mobile payments market is growing fast, fueled by technological innovation and consumer demand. With each consumer predicted to own, on average, nine connected devices by 2021, there is no doubt that we can expect to see an exponential rise in the number of devices and applications used to make mobile payments over the coming years.
The Merchant Balancing: Act Operational Costs vs Customer Experience
There is no excuse any more for a poor payments experience, but retailers are tasked with a delicate balancing act – not only balancing payments fraud and friction, as we explored in a recent blog post – but also cost and customer experience. With many areas of the business competing for resources, should retailers be cutting costs when it comes to payment acceptance, or focusing on delighting the customer through innovative payment experiences?
What Rihanna Can Teach Us About a Decade of UK Faster Payments
The end of this month marks 10 years since Rihanna’s single, Take a Bow, reached number 1 in the UK singles charts.
Although I know a little about Barbados, I am only an amateur student of the popular Bajan singer’s lyrics. But I cannot help feeling her song reads like a commentary of the cataclysmic world of banking in 2008; “That was quite a show, but now it’s time to go,” and “You look so dumb trying to apologize… I know you’re only sorry you got caught,” or “it’s over now, go on take a bow.”
Setting the Table for Success in the New World of Merchant Payments
Once upon a time, not so very long ago, creating a payments journey for your customers was as simple as calling your bank, choosing from one of two (maybe three) terminal types that would enable your business to accept mag stripe cards. And then perhaps deciding whether to offer your customers American Express acceptance.
How things have changed!
The Age of Consent – Who Owns “Big Data”?
The EU General Data Protection Regulation will enter in force at the end of this week, and there can be very few businesses today that are not scrabbling to meet compliance objectives.
GDPR sets out rights of citizens and consumers as owners of their own personal data, meaning that data can only be processed by a company if the data subject has given consent to the processing of his or her personal data for specific purposes, or if that data is essential to fulfil the service contracted by the data subject. So far, so good. Arguably many companies will alter existing customer agreements in search of compliance.
Slam the Brakes on Gas Pump Fraud and Rental Car Scams This Memorial Day Weekend
The process of secretly reading data off credit and debit cards (aka skimming) could be netting criminals as much as $3 billion a year in the US, according to Bankinfosecurity.com.
As we look forward to Memorial Day weekend here in the U.S., travelers are getting ready for road trips to their favorite destinations. Whether it’s a beach party in Miami, snorkeling in Catalina Island, or even a staycation, payments – and more specifically, payment fraud – is a huge consideration for travelers, especially during the holiday weekend. I sat down with one of our payments fraud experts, Seth Ruden, to talk about what travelers must look out for regarding payment fraud and how they can keep their money safe. Here’s what he told me.
Gen Z: A Day In The (Payments) Life
There has been an immense focus placed on the ‘Millennial’ generation, and for good reason, as they have become a driving force in the future of payments. This generation looks to technology to solve their payments needs—and it’s all about the factors of convenience, speed and flexibility. And as a college student, my typical daily ‘payments routines’ reflect these factors. With that, I wanted to share a snapshot, which I think demonstrates how my own demographic is influencing the payments industry.