Retail Industry: The Target for Cyberattacks

By CIOReview | Tuesday, February 19, 2019

Hackers have evolved continually over the past few years, but retailers remain their prime targets for cyber-attacks. Retailers top the list in nearly every cyber-security report. It is vital for retailers to strengthen their security maturity and understand the risks involved in order to mitigate them. The cloud can present a transformation opportunity to a company, but at the same time it brings the risk of security-impacting errors and software bugs. E-commerce is the primary target because of the valuable personally identifiable information (PII) of consumers. The cloud, at the very least, can store data for future use and targeted marketing.

Retailers have complete control over the card payment process, and they have to take steps to prevent data theft and fraud. A hefty penalty is involved if the retailer is not in compliance with the Payment Card Industry Data Security Standard (PCI DSS), the security standard that covers the handling of credit cards. There are different levels of PCI compliance, and any organization that accepts money for a product, even if the transaction is outsourced, should go through some level of assessment. If a retailer runs a public application, it must put the security in place itself.

The retailer must become deeply familiar with the Open Web Application Security Project (OWASP) to know about the compatibility of older versions with systems. Integration and regression testing are vital for components that can impact the security of the application. Developers must code the application to handle the exchange of critical information when two applications interact. Maintaining a good IT security posture requires ongoing action and review. Retailers must focus on cybersecurity systems to provide value to customers.