What Retail Cybersecurity Strategies Can Teach Us About IT

Technology’s effect on retail is a double-edged sword. On the one hand, e-commerce, data-driven customer experiences, and other innovations simplify and amplify the shopping experience. Unfortunately, those platforms open the door to retail cyberattacks that can diminish bottom lines and public opinions.

While the retail industry has its share of unique challenges, the tech issues retailers face can be instructive for businesses in other sectors. Companies in verticals such as finance, manufacturing, and healthcare struggle with similar problems — and can often use the same solutions.

The inability to spot issues within complex IT networks is chief among those issues, which is something craft retailer Michaels experienced in 2014. The retail chain suffered through two large-scale cyberattacks involving stolen credit card information from more than 3 million customers. Most damning, however, was that both breaches went overlooked for eight months and allowed the perpetrators to continue stealing in secret.

Thrift store chain Goodwill faced a similar situation. A cyberattack at the company’s payment vendor allowed hackers to weaponize Goodwill’s point-of-sale solutions to steal customer payment card information. The attack did not affect the entire chain, but the breach went unnoticed for 18 months and caused a significant amount of damage.

Each example is unique, but many companies struggle to identify cyberattacks quickly. Fortunately, companies are taking a smarter, more forward-looking approach to retail cybersecurity with the help of automation. Proactively confronting exposure points allows companies to more effectively manage cyber risk and provide a road map to success that colleagues can follow.

How Retailers Get Proactive About Cybersecurity

Cyberattacks happen suddenly and can throw unprepared retailers for a loop. To combat these looming threats, stores now deploy a two-pronged approach to online retail security: The first step involves reducing the number of successful attacks and the frequency of tech issues, and the second strategy includes responding to issues as quickly as possible.

Here’s how retailers — aided by automation — approach both prongs:

• Before an attack: Considering that 53% of mobile users will leave a site that takes more than three seconds to load, retailers need to ensure high-level technology performances occur consistently. Load balancers, for example, keep traffic spikes from crashing a site; firewalls and content inspectors prevent hackers from compromising the site.

Having a load balancer is vital, but making sure it adheres to best practices is even more important because it only takes one device failure to spark a major incident. With automation, device configuration and validation happens quicker and a reduced risk of error. Automation also frees up network and security teams to focus more on preventative measures and less on routine checks and updates.

• After an attack: As the examples from Michaels and Goodwill illustrate, attacks can cause extensive damage quietly. Given how vast and varying most networks are, manual spot checks are difficult (and sometimes impossible) for small teams to accomplish.

Automation proves pivotal here by monitoring a broad scope of issues with efficiency and accuracy. As digital networks continue to grow in all industries, manually monitoring the firewalls that protect them is unrealistic — automation is the answer.

Cyberattacks on retailers aren’t going anywhere. Fewer will be successful, though, because the industry is getting serious about embracing automation and simplifying security — the result will be much happier customers. To learn how automation can secure and simplify your operations, visit Indeni.

BlueCat to acquire LiveAction

BlueCat adds LiveAction’s network observability and intelligence platform, which helps large enterprises optimize the performance, resiliency, and security of their networks.