When much of the world shut down in response to the COVID-19 pandemic, one sector saw an explosion of activity—online shopping. Without the ability to visit stores in person, consumers had everything from groceries and take-out meals to inflatable swimming pools and lumber delivered to their homes.
Cybercriminals, sensing an opportunity, pounced. A study by the cloud computing company Iomart found that large-scale data breaches rose 273 percent in the first quarter of 2020 compared with the same period a year earlier. The FBI reported that it received one million new cybercrime complaints between May 2020 and May 2021; the previous million had taken nearly three years to accumulate. Cybersecurity Ventures predicts that ransomware will cost its victims around $265 billion annually by 2031, with a new attack on a consumer or business every 2 seconds, as operators keep refining their malware payloads and the extortion tactics built around them. That dollar figure assumes 30 percent year-over-year growth in damage costs over the next 10 years.
Retailers collect an enormous amount of consumer data, and the larger that repository grows, the more attractive a target it becomes. Physical stores add their own attack surface: cash registers, mobile computers, and kiosks are all networked devices, often connected over a wireless LAN. Retailers have consequently been hit by a growing number of malware, ransomware, and phishing attacks that have exposed millions of customers' records. Beyond the data itself, these attacks damage retail brands and cause substantial financial losses.
For IT solution providers with retail clients, the ransomware attacks making headlines highlight two things: the providers' own exposure, and the particular risk profile of retail, where large volumes of payment and consumer data are constantly in motion. So how can solution providers help these clients stay secure and respond appropriately when a breach does happen? The following practices are a good starting point.
Retail Clients Should Have a Data Breach Plan
When a breach occurs, time is of the essence, both in stopping the attack and in alerting customers. Retailers should therefore have a detailed plan that assigns responsibilities to each stakeholder and spells out how to contain the attack, recover and restore data, manage the incident, disclose the breach publicly, and notify customers whose data may have been compromised. The plan must also name the key people in IT, legal, risk and compliance, marketing, and any other division involved in the response. Writing this down before a breach saves time and avoids confusion when an actual attack occurs.
Provide Robust Backup and Data Recovery Services
A ransomware attack goes from inconvenient to critical the moment the retailer cannot recover its data. Make sure retail clients back up their data frequently and have a recovery plan that is tested on a schedule, because a backup that has never been restored is an assumption, not a safeguard. Keep at least one copy offline or otherwise write-protected: a backup that sits on the same network with the same credentials as production is reachable by the same ransomware.
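A restore test in practice, as an added example (not code from the original article): the script below backs up a directory into an archive, keeps a separate SHA-256 manifest, restores the archive into a scratch directory and compares every file, so a backup job that silently skipped a file, or an archive that was corrupted on the backup target, is caught before the day it is needed. The sample files, directory names and single-archive layout are constructed for the demonstration; a real job would run this against the actual backup target on a schedule.

```python
"""Automated backup-and-restore test (added example, not the article's code).

Backs up a directory to a gzip-compressed tar archive, records a SHA-256
manifest of every file, restores the archive into a scratch directory and
checks that every file comes back byte-for-byte identical. The failure modes a
never-tested backup hides are reported explicitly: a file missing from the
restore, a file whose content changed, and an archive that cannot be read.
"""
import hashlib
import tarfile
import tempfile
import zlib
from pathlib import Path


def sha256_file(path: Path) -> str:
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each file path (relative to root) to its SHA-256 digest."""
    return {
        str(path.relative_to(root)): sha256_file(path)
        for path in sorted(root.rglob("*"))
        if path.is_file()
    }


def create_backup(source: Path, archive: Path) -> dict:
    """Write `source` into `archive` and return the manifest to verify against.

    Store the manifest separately from the archive: a backup that carries its
    own checksums cannot prove anything about a backup that was tampered with.
    """
    manifest = build_manifest(source)
    with tarfile.open(archive, "w:gz") as tar:
        tar.add(str(source), arcname=".")
    return manifest


def verify_restore(archive: Path, manifest: dict) -> list:
    """Restore `archive` into a scratch directory and compare with `manifest`.

    Returns a list of problems; an empty list means the restore test passed.
    """
    problems = []
    with tempfile.TemporaryDirectory() as scratch:
        scratch_path = Path(scratch)
        try:
            with tarfile.open(archive, "r:gz") as tar:
                # The 'data' extraction filter (Python 3.12+, backported to
                # 3.8.17/3.9.17/3.10.12/3.11.4) refuses members that would
                # write outside the scratch directory.
                if hasattr(tarfile, "data_filter"):
                    tar.extractall(scratch_path, filter="data")
                else:
                    tar.extractall(scratch_path)
        except (tarfile.TarError, EOFError, OSError, zlib.error) as exc:
            return [f"archive unreadable: {exc}"]
        restored = build_manifest(scratch_path)
        for rel, digest in manifest.items():
            if rel not in restored:
                problems.append(f"missing after restore: {rel}")
            elif restored[rel] != digest:
                problems.append(f"content mismatch: {rel}")
        for rel in sorted(restored.keys() - manifest.keys()):
            problems.append(f"unexpected file in restore: {rel}")
    return problems


def run_restore_test_demo() -> dict:
    """Run the cycle on constructed sample data; returns the three verdicts."""
    with tempfile.TemporaryDirectory() as work:
        work_path = Path(work)
        source = work_path / "pos-data"  # constructed sample files
        (source / "transactions").mkdir(parents=True)
        (source / "transactions" / "2021-05.csv").write_text("id,amount\n1,19.99\n")
        (source / "config.ini").write_text("[store]\nid=0042\n")
        archive = work_path / "pos-data.tar.gz"

        manifest = create_backup(source, archive)
        good = verify_restore(archive, manifest)
        # A file the job was supposed to capture but never wrote to the archive.
        missing = verify_restore(archive, {**manifest, "orders.db": "0" * 64})
        # The archive on the backup target has been corrupted or overwritten.
        archive.write_bytes(b"not a tar archive")
        corrupt = verify_restore(archive, manifest)
    return {"files": len(manifest), "good": good, "missing": missing, "corrupt": corrupt}


if __name__ == "__main__":
    for name, verdict in run_restore_test_demo().items():
        print(name, verdict)
```

The manifest is written at backup time from the live source, not read back out of the archive, so a tampered or truncated archive cannot vouch for itself; the same comparison works unchanged against a manifest kept on an immutable store.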
Help Clients with Post-Attack Forensics
Every breach, and every credible attempt, should be thoroughly investigated and documented. Preserve logs and images of affected systems before they are wiped and rebuilt; once a machine is reimaged, the evidence on it is gone. The investigation gives retailers the facts they need to inform customers, regulators, and other parties, and feeds improvements back into the response plan for future incidents. Solution providers can also connect retail clients with forensic specialists to assist with investigations.
Prepare for the Post-Breach Response
Retailers should already have relationships with the vendors they will need for the customer response if data is compromised, including mass mailing services, credit reporting services, and response hotlines. A crisis communication plan should exist alongside the technical one. Many companies want to wait until they know all the facts before going public, but silence compounds the damage from the breach. Retailers should instead be as transparent as the investigation allows while they mitigate the damage, trace the source of the breach, and help consumers recover.
Provide Guidance to Retailers for Managing, Storing, and Deleting Data
Retailers have gotten better at collecting consumer data, but they do not always follow best practices when storing it, or even decide deliberately what they need to keep. A retailer that has been in business for decades may hold sensitive customer data in legacy systems that do not meet current security standards. Solution providers can help by mapping the data that exists today, evaluating what actually needs to be retained, and making sure what remains is properly protected. Keep stored customer data to the minimum the business genuinely needs, and delete the rest on a defined retention schedule; data that is not held cannot be stolen.
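The mapping and minimization steps above, as an added example that is not part of the original article: a Python pass over a constructed customer export that uses the Luhn check to find where card numbers really live (including free-text fields), reports a per-field count, then enforces a retention window by purging stale records and reducing any surviving card number to its last four digits. The record layout, field names, the 365-day window and the sample records are all assumptions made for the example.

```python
"""Data inventory and minimization pass (added example, not the article's code).

Works over a constructed customer export and does three things: finds where
card numbers are actually stored (including the free-text fields nobody thinks
of as payment data), reports counts per field so the retention decision rests
on evidence, and enforces a retention window by purging stale records and
reducing any retained card number to its last four digits. Record layout and
field names are assumptions for the example.
"""
import re
from datetime import date, timedelta

# 13 to 19 digits, optionally separated by spaces or hyphens.
PAN_CANDIDATE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")

# Constructed sample export. C-1002 shows the classic finding: a card number
# typed into a notes field, where no encryption or tokenization ever reaches it.
SAMPLE_EXPORT = [
    {"customer_id": "C-1001", "email": "ana@example.com",
     "card_on_file": "4111 1111 1111 1111", "notes": "", "last_order": "2021-04-02"},
    {"customer_id": "C-1002", "email": "bo@example.com",
     "card_on_file": "", "notes": "customer read card over phone: 5500000000000004",
     "last_order": "2019-11-20"},
    {"customer_id": "C-1003", "email": "cy@example.com",
     "card_on_file": "", "notes": "order ref 1234567890123456", "last_order": "2021-05-15"},
]


def luhn_valid(digits: str) -> bool:
    """Luhn checksum: true for real card numbers, false for most other digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def _pan_digits(match) -> str:
    """Digits of a regex match if it is a Luhn-valid PAN, otherwise ''."""
    digits = re.sub(r"[ -]", "", match.group())
    return digits if 13 <= len(digits) <= 19 and luhn_valid(digits) else ""


def find_pans(text: str) -> list:
    """All Luhn-valid card numbers in `text`, digits only."""
    return [d for d in (_pan_digits(m) for m in PAN_CANDIDATE.finditer(text)) if d]


def mask_pans(text: str) -> str:
    """Replace each card number in `text` with asterisks plus its last four digits."""
    def repl(match):
        digits = _pan_digits(match)
        return "*" * (len(digits) - 4) + digits[-4:] if digits else match.group()
    return PAN_CANDIDATE.sub(repl, text)


def inventory(records: list) -> dict:
    """Per field, how many records hold at least one card number in that field."""
    counts = {}
    for record in records:
        for field, value in record.items():
            if isinstance(value, str) and find_pans(value):
                counts[field] = counts.get(field, 0) + 1
    return counts


def apply_retention(records: list, today_iso: str, keep_days: int):
    """Purge records whose last order predates the window; mask PANs in the rest.

    Returns (retained_records, purged_count). The input list is not modified.
    """
    cutoff = date.fromisoformat(today_iso) - timedelta(days=keep_days)
    retained, purged = [], 0
    for record in records:
        if date.fromisoformat(record["last_order"]) < cutoff:
            purged += 1
            continue
        retained.append({field: mask_pans(value) if isinstance(value, str) else value
                         for field, value in record.items()})
    return retained, purged


if __name__ == "__main__":
    print("fields holding card numbers:", inventory(SAMPLE_EXPORT))
    kept, purged = apply_retention(SAMPLE_EXPORT, "2021-06-01", keep_days=365)
    print(f"purged {purged} stale record(s); fields still holding card numbers:",
          inventory(kept))
```

The Luhn check matters: a plain "16 digits" pattern would flag the order reference in C-1003 and bury the real finding in noise, while the notes field in C-1002 is exactly the kind of storage location a data map built from the schema alone would miss.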
Help Clients with Partner Due Diligence
Retailers also rely on third-party providers for payments, customer relationship management, and other services, and every such integration extends the retailer's attack surface to the partner. Make sure retailers do their due diligence and confirm that these vendors and partners meet the industry security standards that apply to the data they handle, such as PCI DSS for anyone that stores, processes, or transmits card data.
Provide Adaptive Security Tools Designed to Protect Against Current and Future Attacks
Make sure retail clients are using current security strategies and technologies: remote monitoring with a security focus, multi-factor authentication, encryption of data at rest and in transit, a zero-trust access model, AI-assisted anomaly detection, and network segmentation that keeps point-of-sale devices and kiosks apart from the rest of the store network. Solution providers also need to keep their own house in order: a compromised provider is a path into every client it manages, as recent supply-chain attacks have shown.
Now that retail is back in full swing, remain vigilant about the rapidly increasing number of cyberattacks your customers face. You can provide critical services when it comes to protecting their data and responding to breaches when they occur.