More Than Half: The Story of Cyber-Attacks and Global Organizations in 2017
Three words. It might not seem enough to cause a rethink of your 2018 cyber-security strategy, but it should. Why? Because according to the latest Forrester report, “Top Cybersecurity Threats for Retailers in 2018,” attackers breached more than half of all global enterprises in 2017.
More. Than. Half.
With cyber-criminals enjoying that level of success, you can be sure that cyberthreats will not slow down any time soon. To best protect yourself (and join the select group of organizations that are not breached), it’s important for retailers to first understand three key takeaways from Forrester’s report:
- Omni-channel functionality is becoming a ‘must have,’ but it also increases the surface area for attackers to exploit.
- Ransomware is the fastest growing malware threat, and retailers must guard against an attack on their essential technology, such as POS systems.
- Considering the sheer number of organizations that are impacted by breaches, having a committed, thorough response plan prepared in advance is essential.
With these takeaways in mind, it’s worth considering the active role retailers must take in protecting their own organizations as well as customers. It might seem a daunting task, but a good place to start is to review these top five emerging threats faced by all retailers, and how best to prevent them.
- Omni-channel Fulfillment Capabilities: A Gift to Your Customers… and Hackers – Customers want better experiences, less friction and the ability to pay the way they choose. Unfortunately, they also expect that retail merchants keep them safe. Retailers must train in-store staff to act as guardians of merchandise and information, with a strict verification policy put in place and enforced. Secret shoppers can be a great way to test the strength of this system.
- Another Company’s Breach Could Become Your Problem – When another organization is breached, the stolen data can create a ripple that engulfs your organization. Criminals with access to compromised accounts can commit fraud, which can cost you in real dollars and brand equity. The intelligent use of friction, that is, adding verification, or monitoring customer data for fraud and insights about unusual activity, can limit the impact of compromised accounts (and keep you out of the headlines).
- Non-Card-Based PII Data: The Hacker Magnet – Personalization is a tremendous tool, but for it to be effective you must first have a wealth of personalized identity information (purchase history, demographic profile, Wi-Fi history, etc.). And guess who would love to have drivers’ license numbers, social security numbers and cell phone data? Hackers throughout the world. Retailers must treat this information as the lifeblood of their organization, because in many ways, it is. Tokenize, encrypt and restrict access to this information.
- Ransomware is Holding the Digital World Hostage – Ransomware has quickly become the hacker’s new best friend, with Forrester reporting more than 4,000 attacks have occurred daily since January 1, 2016. If successful, hackers can potentially disrupt an entire operation (imagine that on Black Friday), so security teams must develop an incident response plan to ensure that any downtime is limited.
- Protecting Your Brand Offline – Unfortunately, the odds are that the majority of organizations will be breached. If this happens, you must respond in a way that shows customers you care. Being upfront and transparent about a breach, its impact and your plans to remediate the situation will go a long way toward rebuilding the relationship with your customers. Have this plan in place so you’re not scrambling to react should a breach occur.
Want to avoid joining the “More Than Half”? Visit booth #2753 at NRF Retail’s Big Show, New York City, Jan 14-16 to talk to our experts about cybersecurity and find out how you can receive a complimentary copy of the full Forrester report.
Related Blog Posts
When Is Processing Payments in The Cloud More Secure?
Back when I started my career, “Jessie’s Girl” by Australian rocker Rick Springfield topped the charts, the federal funds rate was 20 percent and most organizations were reliant upon one or more mainframe computers that were hosted in an internal “computer room.”
Oh, the Different Ways to Pay Today (Not by Doctor Seuss)
Mark, Mega Millions tickets cost 2 dollars now?!? I don’t have 2 dollars in my wallet... I don’t have any dollars in my wallet!
And due to my lack of paper currency, if I’m not in it, I can’t win it. And I wanna win it, which has got me to thinking (again) about the new(er) ways to pay. When we last tackled the topic, I think we were ranting about wearable rings, speedos, the Rio Games and maybe Ryan Lochte’s hair. We’re now approaching a saturation point when it comes to places (on the body) to put payment mechanisms (especially if you’re in Rio!).
Payments' Big Five: what We Will be Hearing about in 2018
The new year is here… so while resolutions are enacted, and almost inevitably broken before the month is out, it is also the time to look ahead at what the next year may bring. One thing that is clear is that payments will become an even more important ingredient in the business strategy of every merchant. From my perspective, these are the five trends that will have the biggest impact in 2018.
The Eba's Regulatory Technical Standards Provide the “How” to Psd2's “What”
February 2017 saw the release of the long-awaited draft regulatory technical standards (RTS) for strong customer authentication (SCA) from the European Banking Authority (EBA). The RTS defines the technical framework for the implementation of PSD2 with primary focus on SCA, and common and secure connection (CSC). In short, we could say that PSD2 covers the “what” aspect of the regulation whereas the RTS defines the “how” this is to be done.
The Bank of the Future: 2040 and the Reality of Ar and Vr
Mark, when I envision the bank of the future, I imagine Twiki and Buck Rogers at a casino. Or maybe I once dreamed that—I’m old and my mind is going. So what are we talking about and what can we envision when it comes to the bank of the future? And by future, I’m talking about 2040, before certain cities might be flooded (by water). But I digress, as this isn’t a post about climate change.
Oh Payment Trends
As the first flakes start to fall and the smells in the air start to change (as my esteemed colleague Seth mentioned in his recent post), my favorite sign of the holiday season begins to appear—the trends to watch in the coming year.
Dumbing down Payments and FinTech Jargon… Just in Time for the Holidays!
Mark, is there a slightly less insulting phrase for “dumbing down” something? I ask because there are some terms and topics making bigly waves today and many/most consumers outside of payments/banking/fintech/tech might not understand their significance and why they should care. With that, can we take a moment to simplify these terms and topics, while also conveying their importance to the masses—from your mother-in-law to your daughter’s daycare provider to “the old man sitting next to me making love to his tonic and gin” (I’m a sucker for Billy Joel).
The Art of Open Banking, Part 2: on the March
In the first part of my talk with @digitalbankguru (aka Mark Ranta) and @Lui_Zurawski (aka Lu Zurawski), we discussed plans that best prepare an organization for Open Banking, and in this second chapter, we explore some use cases for delivering value.
What Makes Latin America an Attractive Market for Cryptocurrencies? [¿Qué Hace a Latinoamérica Un Mercado Atractivo Para Las Criptomonedas?]
Cryptocurrencies are one of today’s hottest topics – seemingly in every corner of the globe. Bitcoin continues to be the most popular – and certainly the most well-known – though digital currencies have been blossoming at an unprecedented pace recently. There are currently more than 16 million Bitcoins in existence, and it is expected that there will be more than 22 million by 2022. Worldwide acceptance is growing, with over 9,800 businesses registered on the Coinmap website, compared to 2013 when there were only 133 businesses registered.
The Art of Open Banking, Part 1: Laying Plans
I recently had a great discussion with @digitalbankguru (aka Mark Ranta) and @Lui_Zurawski (aka Lu Zurawski) on what it takes to be ready for the revolution in Open Banking. It was a truly global discussion, with stories from North America, Europe and Asia; the conversation part philosophical treatise and part strategy roadmap. Following is a summary of the first part of our wide-ranging discussion on preparing for the Open Banking era.