Modell’s Sporting Goods is strapping on protective tech gear to keep its IT and data systems as safe as possible. The 150-store family-owned retailer is working to combat creative, fast-moving hackers and cybercriminals.
“The current threat landscape is ever-changing,” said Vincent Damiano, VP of Information Security and Compliance at Modell’s, in an interview with Retail TouchPoints. “We are seeing more sophisticated attacks and traditional solutions are not able to keep up.”
The retailer recently deployed a comprehensive data security solution from Cyphort that can monitor perimeter threat activity as well as any lateral activity within Modell’s network infrastructure. The solution already has been deployed at Modell’s headquarters and is covering distribution to its stores. Next steps, to be implemented in coming months, include email monitoring and encrypted traffic.
Getting There Before The Bad Guys
Of particular concern are zero-day vulnerabilities, each a “hole” in software that is unknown to the vendor and is exploited by hackers before the vendor becomes aware of it and provides a fix. “These are a top priority, so we wanted to make sure they are being detected and mitigated quickly,” said Damiano.
“Given the speed at which new threats are introduced, we wished to add a security layer that dealt with more than just scanning for the known and reported malware, but also looked for patterns of suspicious behavior and proactively alerted us of potential malicious intent,” Damiano added. “We needed the solution to be smart so that it wouldn’t overwhelm the IT departments with false positives so they can focus on the threats that really matter.”
Chasing false positives currently takes up 70% of Modell’s analysts’ time. “The main causes for this are lack of scalability, and lack of being able to incorporate rule sets,” Damiano explained. “With Cyphort, we are already seeing a big change in time spent on evaluating only the threats that matter.”
For Modell’s, flexibility and rapid deployment have been true positives of the Cyphort solution. “The solution is easy to manage; we can handle and prioritize alerts all on the dashboard,” said Damiano.
He also likes the solution’s ability to provide a deeper analytical take on cyberthreats. “By far the biggest benefit thus far has been the detection and behavioral analysis,” said Damiano. “With Cyphort we can inspect the malware behavior from multiple vantage points, and we didn’t have anything like that in place before.”
Other key elements of Cyphort’s APT (Advanced Persistent Threat) defense include:
• Action-oriented workflows, enabling responders to quickly determine which incidents require immediate attention and provide detailed reporting on the threat’s extent;
• Flexible software-based solution allowing virtualized deployment across distributed enterprises and virtual private cloud environments; and
• Support for customers to maintain high security levels to achieve compliance with evolving PCI security standards.