More Than Half: The Story of Cyber-Attacks and Global Organizations in 2017
Three words. It might not seem enough to cause a rethink of your 2018 cyber-security strategy, but it should. Why? Because according to the latest Forrester report, “Top Cybersecurity Threats for Retailers in 2018,” attackers breached more than half of all global enterprises in 2017.
More. Than. Half.
With cyber-criminals enjoying that level of success, you can be sure that cyberthreats will not slow down any time soon. To best protect yourself (and join the select group of organizations that are not breached), it’s important for retailers to first understand three key takeaways from Forrester’s report:
- Omni-channel functionality is becoming a ‘must have,’ but it also increases the surface area for attackers to exploit.
- Ransomware is the fastest growing malware threat, and retailers must guard against an attack on their essential technology, such as POS systems.
- Considering the sheer number of organizations that are impacted by breaches, having a committed, thorough response plan prepared in advance is essential.
With these takeaways in mind, it’s worth considering the active role retailers must take in protecting their own organizations as well as customers. It might seem a daunting task, but a good place to start is to review these top five emerging threats faced by all retailers, and how best to prevent them.
- Omni-channel Fulfillment Capabilities: A Gift to Your Customers… and Hackers – Customers want better experiences, less friction and the ability to pay the way they choose. Unfortunately, they also expect that retail merchants keep them safe. Retailers must train in-store staff to act as guardians of merchandise and information, with a strict verification policy put in place and enforced. Secret shoppers can be a great way to test the strength of this system.
- Another Company’s Breach Could Become Your Problem – When another organization is breached, the stolen data can create a ripple that engulfs your organization. Criminals with access to compromised accounts can commit fraud, which can cost you in real dollars and brand equity. The intelligent use of friction, that is, adding verification, or monitoring customer data for fraud and insights about unusual activity, can limit the impact of compromised accounts (and keep you out of the headlines).
- Non-Card-Based PII Data: The Hacker Magnet – Personalization is a tremendous tool, but for it to be effective you must first have a wealth of personalized identity information (purchase history, demographic profile, Wi-Fi history, etc.). And guess who would love to have drivers’ license numbers, social security numbers and cell phone data? Hackers throughout the world. Retailers must treat this information as the lifeblood of their organization, because in many ways, it is. Tokenize, encrypt and restrict access to this information.
- Ransomware is Holding the Digital World Hostage – Ransomware has quickly become the hacker’s new best friend, with Forrester reporting more than 4,000 attacks have occurred daily since January 1, 2016. If successful, hackers can potentially disrupt an entire operation (imagine that on Black Friday), so security teams must develop an incident response plan to ensure that any downtime is limited.
- Protecting Your Brand Offline – Unfortunately, the odds are that the majority of organizations will be breached. If this happens, you must respond in a way that shows customers you care. Being upfront and transparent about a breach, its impact and your plans to remediate the situation will go a long way toward rebuilding the relationship with your customers. Have this plan in place so you’re not scrambling to react should a breach occur.
Want to avoid joining the “More Than Half”? Visit booth #2753 at NRF Retail’s Big Show, New York City, Jan 14-16 to talk to our experts about cybersecurity and find out how you can receive a complimentary copy of the full Forrester report.
Related Blog Posts
Women Must Choose to Rise Up Despite Past, Current and Future Circumstances
Money20/20, Europe’s biggest payments and fintech event, was recently held in Amsterdam and featured Rise Up Money20/20, a global program designed to address the gender imbalance in leadership positions within the financial services and fintech industries. A cohort of 30 female professionals was selected to take part in an exclusive curated agenda, complete with a series of bespoke content sessions, one-to-one mentoring and unique networking opportunities.
How Italian Banks and Processors Can Capitalize on Digital Transformation
The European payments landscape is in an era of significant change thanks to PSD2 and other macro factors, but there is more than one way to deliver real-time and open payments to meet PSD2 requirements and its technical standards. Banks and processors must manage this alongside their own set of domestic challenges and opportunities.
Overcoming Cyber Threats to Payments Security
Recently, Gene Scriven, chief information security officer at ACI, spoke at NACHA Payments 2019 on the ever-changing landscape of cybersecurity. Here are a few highlights from his session, including the impacts of cybersecurity breaches, today’s emerging threats and the new strategies to keep your organization safe.
Removing Gender Bias and Enabling Women to Succeed in Leadership Roles
The recent UK Women in Payments (WIP) Symposium 2019 took place in London, recognizing unique leaders who help uplift women in the payments industry. Among those recognized was ACI’s Melissa McKendry, vice president, Retail Banking Implementation Services, who was honored by WIP as the 2019 Advocate for Women.
Payments and Fraud: The Paradox Twins
Digital commerce through web and mobile is where merchants predominantly experience shopper growth today. This has become a hugely important domain for their focus. It offers a means for international growth, new market penetration and a way to engage with shopper-hungry Millennials in their culture. Merchants frequently adopt a Digital-First, eCommerce-First or Mobile-First strategy to ensure full corporate buy-in to this strategy.
Open Payments Systems for Merchants: Don't Close Down Your Options
Remember “Open Systems”?
It was a big industry nom du jour in the 80s and 90s. Every IT system had to be open and therefore flexible and future-proof. Nobody can argue with the logic behind this; making systems easy to integrate with other systems, ensuring vendors could cooperate with one another; creating agility to improve time to market and drive down costs.
Why It’s Time for Women to Rise UP
As a senior software engineer at ACI Worldwide, Rawan Shawar helps to guide her team’s priorities and enhance processes at both the team and organizational level. Recently, Rawan was selected by the organizers of Money20/20 Asia to be part the Rise Up Class of 2019.
Can Digital Payments Be Kind?
There is no doubt that the era of less (or minimal) cash is truly upon us. According to the Access to Cash Review, cash could fall to just 10 percent of all payments in the UK within the next 15 years.
Other countries, such as Sweden, have already seen significant changes – cashless payments have grown so quickly that only 10 percent of the 20 SEB banks in Stockholm now hold cash. Beyond Europe, China is leading the way with USD$12.8 trillion in mobile payment transactions in 2018.
Why Non-Functional Requirements Should be a Few of Your Favorite Things
It’s not unusual for me to be questioned by retailers as to why some payment solutions are priced differently or more expensively than others – in fact, it would be unusual not to be asked those questions when dealing daily with procurement and finance teams of major multi-national multi-channel merchants!
Keeping Up With Fraudsters: A Month Isn’t Enough
As the Government of Canada campaigns for improved fraud prevention and awareness this month, I’d like to do my part as a fellow Canadian, and shed some light on why payments need to stay a step (or more) ahead of fraudsters, today more than ever.