2014 was a rude wakeup call for retailers: In January, Target announced an additional 70 million individuals’ contact information was taken during the December 2013 breach. In September, Home Depot announced that cyber criminals had compromised the credit card information of roughly 56 million shoppers.
Neiman Marcus, Kmart, AT&T, Michaels and eBay all suffered cyber attacks this year that compromised the personal information of millions. Flagging consumer confidence was not helped by FBI Director James Comey recent statement:
“There are two kinds of big companies in the United States …
those who’ve been hacked …
and those who don’t know they’ve been hacked.”1
So it's no surprise that nearly half of US credit card holders are saying they’ll avoid shopping at stores that have been hacked (according to a survey by CreditCards.com). Going into the holidays, what can retailers do to beef up cybersecurity and regain consumer trust? Start with these five steps from cybersecurity expert Ray Boisvert:
- Make sure you can screen the massive amounts of data flowing into the organization in real time to catch threats before they cause damage. The Home Depot data breach was believed to happen over several months with bits of data leaking out of the torrent that the retailer manages daily.
- Use advanced analytics to reduce false alarms and detect the true problems. Target had technology in place that did alert it to the 2013 credit card hack – it was just one of the mass of alarms that were classed as false positives. The operations center staff didn’t know where to begin, or which were real threats.
- Integrate cybersecurity into core business requirements. It cannot continue to be an afterthought.
- Understand the origin and behavior of cybercriminals and other attackers, and then build that into the models that seek out anomalies.
- Devote more effort to recruiting the right staff and training them to engage this emerging organizational threat. Find the right external cybersecurity technology and practitioners.
And here’s a holiday bonus sixth step: Learn more about cybersecurity, reducing fraud and how analytics can help by visiting the SAS booth at NRF Retail’s Big Show 2015 Jan. 11-14 in New York. You can book a meeting and get a free Expo pass here. Hope to see you there!