Cybersecurity Awareness in Retail
Cybercrime is at a record high and today’s businesses are the ones that take the brunt of the issues. For the retail business, cybersecurity has a couple of different faces. For Cybersecurity Awareness Month, we thought we’d talk a little bit about the retail space and how businesses are securing their customers’ information.
Costs of a Data Breach
Before we take a closer look at the professional services industry, we need to get across just how devastating a data breach can be for your business. Here are some interesting statistics from a study of 2018’s data breaches conducted by IBM:
- The average cost of a data breach: $3.86 million
- The average cost per lost or stolen record as a result of a data breach: $148
- The average cost of lost business after a data breach: $4.2 million
- The average cost of notifying individuals that their data has been compromised: $740,000
These aren’t just enterprise business numbers. These are averages of all data breaches recorded in 2018.
The retail space has its own challenges. Essentially, it is fighting a two-front war. On one hand the retail storefront needs solutions to secure payment cards and consumer information. On the other, they have to protect their Internet-based platforms to ensure that personal (and company) information isn’t being compromised from their eCommerce efforts. Retail organizations also have to prove Payment Card Index Digital Security Standard (PCI DSS) compliance.
Point of Sale and eCommerce systems need to be working in concert in order for a retail organization to prosper. The more proactive you are at protecting personal information, the more successful your organization will be in doing so. That’s why retailers have increased the amount of monitoring they’ve started doing. Tools that are built with machine learning can add extra value as they will be able to identify issues before there is a problem.
Additionally, retailers store a lot of consumer data, and with so many endpoints available. With each retailer setting up their own rewards program, data breaches are up. In fact, 50% of retailers experienced some form of data breach in 2018. Many retail organizations have actually made a conscious effort to curb the amount of personally identifiable information (PII) that they store. In doing so, it keeps targeted data from being harmful if, or indeed when, their business gets hacked, they won’t be in breach of compliance or have to admit to exposing personal information.
Lastly, retail businesses have to protect their point-of-sale (POS) systems. Over the past few years there has been an exponential increase in POS hacking. In response there has been a more coordinated effort to:
- Test device’s hardware and software with penetration testing.
- Proactively maintain and monitor hardware and mobile payment platforms.
- Work directly with suppliers that adhere to your regulatory and security requirements.
- Offer role-based training of all organizational employees and identify users who need remedial training and retesting.
- Provide easily accessible reporting interfaces.
- Blacklist known-to-be malicious IP addresses.
There is no such thing as unimportant data. The security professionals at EZPC Indy can create the resources you need to ensure that your POS systems, whether they are mobile or static, as well as your eCommerce security is monitored, managed, and maintained. Call us at (317) 759-3972 for more information.