///////////////////////////////////////////
INDUSTRY WATCH
A TOTAL OF 70% OF
CONSUMERS WANT TO
BE ASSURED THAT THEIR
FINANCIAL AND PERSONAL
INFORMATION IS SAFE YET
ONLY 44% OF RETAILERS ARE
ACTIVELY INFORMING THEM.
verticals Akamai sees. In the first week of
July 2018 alone the Akamai Intelligent
Platform witnessed 29,767,361 attacks on
retail companies, more than four million
attacks per day. 21,767,356 of these attacks
were SQL injection attacks. identify security risks and threats and
protect their products and services from
vulnerabilities and threats in real-time,
without compromising on the user
experience. In my view online retailers
should use security more as a business driver.
SQL injection attacks allow attackers to
spoof identity, tamper with existing data,
cause repudiation issues such as voiding
transactions or changing balances, allow
the complete disclosure of all data on
the system, destroy the data or make
it otherwise unavailable to become
administrators of the database server. Data privacy initiatives like GDPR in the EU
and the numerous headlines about website
data breaches makes consumers warier
about their digital entity.
To gain and maintain the trust of their
customers, an online retailer needs to
Customers therefore use trust as decision
criteria in their buying process. A retailer with
strong cybersecurity measures and clear
security and privacy messaging will therefore
have a competitive advantage.
Laurance Dine, Managing Principal,
Investigative Response at Verizon
Retailers are under constant pressure from
cybercriminals that know that there are rich
pickings to be made by stealing customer
data and payment card information. Perhaps
unsurprisingly, Verizon’s 2018 Data Breach
Investigations Report found that payment
card skimmers were one of the biggest
cyberthreats that retailers face – alongside
denial of service and web app attacks that
target e-commerce sites.
Hans Nipshagen, Regional Sales Leader Web
and Security Middle East, Africa and Eastern
Europe, Akamai Technologies
94
INTELLIGENTCIO
Customers have a right to expect that
the retailers they shop with are doing
everything in their power to protect
them from these threats and those that
fall short risk damaging consumer trust
and brand loyalty. This doesn’t require
a huge shift in mindset for retailers, as
the industry has long understood the
Laurance Dine Managing Principal
Investigative Response – Verizon
need for loss prevention – so it’s a
matter of expanding these measures
beyond cameras and security guards to
employing better cybersecurity practices.
Given the potential rewards that can
be gained from hacking e-commerce
applications and websites, these should
be one of the core assets that retailers
are protecting. To ensure a reliable 24/7
service for shoppers, retailers should have
mitigation systems in place that can
protect their websites from DDoS attacks.
It’s also crucial to take all available
precautions to secure customer data.
These can include using mobile device
management to restrict employee access
to sensitive information; encrypting data
so it’s useless in the event of a successful
breach and basic hygiene such as
ensuring software patches are fully up-to-
date to protect against viruses.
Lastly, retailers need to put in place
processes to stop POS terminals from being
tampered with to minimise the chance of
card details being stolen at the point of
purchase – just simple physical steps such
as checking card readers daily for visual
changes such as new peripherals or cables
can go a long way to reducing incidents.
Ultimately, consumer trust will always
be damaged by a cyberbreach of any
kind. Added to this, there’s a risk of
regulatory fines and lost business from
www.intelligentcio.com