By Nir Polak, Exabeam
Year in and year out, retailers continue to be a top target for cyberattacks. According to the 2017 Verizon Data Breach Report, there were 326 reported data breaches in the last year alone. Online retailers are hit by the same types of attacks that other online firms receive, including web application attacks, SQL injection and customer credentials stolen via phishing. While retail CISOs work aggressively to protect their online environments, new threats emerge regularly. Online retailers are, by default, cyber organizations and therefore large targets for cyberattacks. However, this tells only half the story for the retail industry.
The other half is that most of the largest retailers, with one notable exception, maintain a large physical presence in the form of brick-and-mortar stores. Physical stores bring along a huge set of security threats that are very different from online operations, including credit card skimmers, point-of-sale malware and privilege misuse, among others. The risk is compounded by the fact that the retail industry is well-known for seasonal turnover, as a large portion of retail staff are only hired for a few months during the holidays. These short-term hires typically work in the physical stores, leaving more room for a malicious hire to access local systems and install malware directly on in-store systems.
As mentioned above, the large retailers maintain both large online and physical store presences. They have the worst of both worlds. Their online operations are at risk of cyberattacks, while their store networks face an entirely different set of threats. Of course, these firms are established enough to have sizable back office operations, so in addition to online systems and a physical retail network, they also have a separate corporate network, where payroll, finance, customer and employee health care systems reside. In fact, previous breaches have involved hackers that penetrated the retail network and then jumped into the corporate network, or vice versa.
What’s a CISO to do in an environment that includes web systems, a distributed physical retail network and a corporate network with sensitive data, with nearly everything exposed to remote hackers and temporary employees? It’s a tough scenario, and perhaps it’s not surprising that so many breaches have occurred, and will continue to occur in this industry.
It’s important that CISOs educate themselves and continue to steer their executives and boards of directors toward innovations. New techniques can truly help reduce the risk of a breach significantly. For instance, the use of user behavioral analytics has already been successful at large retailers in detecting jumps from the corporate to the retail network. These systems can also be quite effective in modeling the behavior of new (i.e. seasonal) employees, which is helpful when managers have little personal history with short-term staff. Older security solutions weren’t built for this type of detection, and the amount of data generated today prevents detection by human staff alone.
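The two detections described above, a user crossing from the corporate network into the retail network and a seasonal hire with no personal history, can both be expressed as a behavioral baseline. The following is an added illustration, not code from Exabeam or from the article: it learns, from a short history window, which network segments each user and each role (peer group) normally touches, then scores later events against the user's own history where one exists and against the peer group where it does not. The events, user names, roles, host names and segment labels are all constructed for the example.

```python
"""Toy behavioral baseline over constructed access events (illustrative, not a product's logic)."""
from collections import defaultdict
from datetime import datetime

# Constructed sample access events (not real data): timestamp, user, role,
# destination network segment and destination host. All names are hypothetical.
EVENTS = [
    ("2017-11-01T09:02:00", "alice", "finance", "corporate", "payroll-01"),
    ("2017-11-01T09:15:00", "alice", "finance", "corporate", "erp-02"),
    ("2017-11-02T10:00:00", "alice", "finance", "corporate", "payroll-01"),
    ("2017-11-01T08:30:00", "bob", "store-associate", "retail", "pos-0421"),
    ("2017-11-02T08:35:00", "bob", "store-associate", "retail", "pos-0421"),
    ("2017-11-03T08:40:00", "bob", "store-associate", "retail", "pos-0422"),
    # Events after the learning window, to be scored against the baselines.
    ("2017-11-20T23:10:00", "alice", "finance", "retail", "pos-0100"),          # corporate user reaching a POS host
    ("2017-11-20T08:45:00", "bob", "store-associate", "retail", "pos-0421"),    # normal store activity
    ("2017-11-21T09:00:00", "carol", "store-associate", "retail", "pos-0500"),  # new seasonal hire, in line with peers
    ("2017-11-21T22:30:00", "carol", "store-associate", "corporate", "hr-db-01"),  # seasonal hire reaching corporate
]

# Everything before this instant is history to learn from; later events are scored.
LEARNING_END = datetime.fromisoformat("2017-11-10T00:00:00")


def build_baselines(events, learning_end):
    """Learn which segments each user, and each role (peer group), touched during the learning window."""
    user_segments = defaultdict(set)
    role_segments = defaultdict(set)
    for ts, user, role, segment, _host in events:
        if datetime.fromisoformat(ts) < learning_end:
            user_segments[user].add(segment)
            role_segments[role].add(segment)
    return user_segments, role_segments


def score_event(event, user_segments, role_segments):
    """Return an alert dict if the event deviates from the relevant baseline, else None."""
    _ts, user, role, segment, host = event
    if user in user_segments:
        # Established user: compare against their own history.
        if segment not in user_segments[user]:
            return {"user": user, "host": host, "segment": segment,
                    "reason": "segment never seen for this user",
                    "known_segments": sorted(user_segments[user])}
        return None
    # No personal history (e.g. a seasonal hire): fall back to the peer group's baseline.
    peer_segments = role_segments.get(role, set())
    if segment not in peer_segments:
        return {"user": user, "host": host, "segment": segment,
                "reason": f"segment never seen for role '{role}'",
                "known_segments": sorted(peer_segments)}
    return None


def detect(events, learning_end):
    """Score every event after the learning window and return the alerts in event order."""
    user_segments, role_segments = build_baselines(events, learning_end)
    alerts = []
    for event in events:
        if datetime.fromisoformat(event[0]) >= learning_end:
            alert = score_event(event, user_segments, role_segments)
            if alert:
                alerts.append(alert)
    return alerts


if __name__ == "__main__":
    for alert in detect(EVENTS, LEARNING_END):
        print(alert)
```

On the constructed events this flags exactly two things: alice, a finance user whose history is entirely in the corporate segment, reaching a POS host in the retail segment, and carol, a seasonal store associate with no history of her own, reaching a corporate HR database that no store associate touched during the learning window. Bob's normal store activity and carol's normal POS access produce nothing, which is the point of the peer-group fallback: a brand-new employee is not noisy simply for being new. A production system would add time-of-day, volume and rarity scoring and would learn continuously rather than from a fixed window, but the shape of the decision is the same.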
Retail security professionals should take a close look at the latest in security and user behavioral analytics. The technology has improved dramatically in the past two years and can provide significant risk reduction. After all, we aren’t too far from Christmas…
Nir Polak is co-founder and CEO of Exabeam. He has 13 years of experience in information security, including executive experience setting company strategy, driving execution, building new products and bringing them to market. While at Imperva, Polak set the company product strategy, and launched and managed the worldwide services organization. He also held engineering positions at Adjungo Networks (acquired by Flash Networks) and Shopping.com (acquired by eBay).