www.terranovasecurity.com Open in urlscan Pro
2606:4700:20::ac43:490e  Public Scan

Form analysis
1 forms found in the DOM

GET /search

<form action="/search" method="get" id="views-exposed-form-site-search-page-1" accept-charset="UTF-8" data-once="bef-auto-submit">
  <div class="form-row">
    <fieldset class="js-form-item js-form-type-textfield form-type-textfield js-form-item-keys form-item-keys form-no-label form-group">
      <label for="edit-keys" class="sr-only">Keywords</label>
      <input data-bef-auto-submit-exclude="" placeholder="Search for keywords" data-drupal-selector="edit-keys" type="text" id="edit-keys" name="keys" value="" size="30" maxlength="128" class="form-control">
    </fieldset>
    <fieldset class="js-form-item js-form-type-select form-type-select js-form-item-sort-bef-combine form-item-sort-bef-combine form-no-label form-group">
      <label for="edit-sort-bef-combine" class="sr-only">Sort</label>
      <select class="form-control form-select" data-drupal-selector="edit-sort-bef-combine" id="edit-sort-bef-combine" name="sort_bef_combine">
        <option value="search_api_relevance_1_DESC">Best match</option>
        <option value="published_at_DESC">Newest first</option>
        <option value="published_at_ASC">Oldest first</option>
        <option value="title_ASC">Title A-Z</option>
        <option value="title_DESC">Title Z-A</option>
      </select>
    </fieldset>
    <div data-drupal-selector="edit-actions" class="form-actions js-form-wrapper form-group" id="edit-actions"><input data-bef-auto-submit-click="" class="search-button button js-form-submit form-submit btn btn-primary form-control"
        data-drupal-selector="edit-submit-site-search" type="submit" id="edit-submit-site-search" value="">
    </div>
  </div>
</form>

Text Content

This website uses cookies. You may change your settings at any time.
Accept Opt-Out Manage Cookies
Cookie Preferences
Skip to main content
English
EnglishFrench


SECONDARY NAVIGATION

 * Fortra.com
 * Blog
 * Partners

 * Solutions Toggle Dropdown
    * Column 1
      * Security Awareness Training
        * Cyber Security Training for Employees
        * Phishing Simulation
        * Data Privacy Training
        * Compliance Training
        * GDPR Training
        * Gamified Awareness Training
        * Pre-Built Security Awareness Training
        * Third-Party Risk Management
    * Column 2
      * Our Platform
        * Security Awareness Platform
        * Training Framework
        * Schedule a Personalized Demo
    * Column 3
      * Services
        * Managed Services
        * CISO Coaching & Consulting
        * Support

 * Resources Toggle Dropdown
    * Column 1
      * By Type
        * Blog
        * Customer Success Stories
        * Product Datasheets
        * Reports & Guides
        * Webinars
      * View all resources
    * Column 2
      * Free Tools
        * Cyber Challenge Demo
        * Cyber Security Hub
        * Free Phishing Simulation Trial
        * eBook - Retail Sector
        * eBook – The Human Fix to Human Risk
        * eBook – The New Essential in Education
    * Column 3
      * Cyberpedia
        * Business Email Compromise (BEC)
        * Identity Theft
        * Malware
        * Phishing
        * Security Awareness Training
        * Social Engineering
        * Spoofing
        * Third-Party Risk Management
        * Vishing

 * About Toggle Dropdown
    * About Terranova Security
    * Leadership Team
    * Careers
    * Upcoming Events
    * Press Releases
    * Contact Us

 * Pricing
 * REQUEST A DEMO

Keywords Sort Best matchNewest firstOldest firstTitle A-ZTitle Z-A


 1. Home
 2. Blog
 3. 7 Cyber Security Tips for Retailers

7 CYBER SECURITY TIPS FOR RETAILERS


Posted on November 19, 2020



The holiday shopping season presents a target-rich environment for
cybercriminals. In fact, as per the 2020 Trustwave Global Security Report, the
retail industry is the most targeted sector for cyber attacks for the third year
running.

An increasing shift to a digital environment—a change due in no small part to
the COVID-19 pandemic—isn’t making data protection easier for retailers either.

Consumers continue to set online sales records, a trend that’s expected to
continue through the end of 2020. However, hackers are cashing in on this surge
too, with over £16 million lost to U.K.-based online shopping fraudsters alone
during the three months of the pandemic.

Database security is also a concern for even the biggest eCommerce behemoths.
Earlier in 2020, eight million customer records belonging to the likes Amazon,
eBay, Shopify, and PayPal were exposed because of database vulnerability.

With Black Friday, Cyber Monday, and other holiday-related shopping event
approaching, here’s a short checklist of cyber security tips to help ensure all
retailers are ready for the end-of-season rush.


1. COMPLY WITH DATA PRIVACY LAWS AND REGULATIONS

For online retailers serving a global customer base, this likely starts with
EU-based General Data Protection Regulation (GDPR) compliance, which first began
in mid-2018.

These regulations focus on how personal data is collected, protected and
retained. It applies to any organization operating within the EU and
organizations outside the EU doing business with individuals or organizations
within the EU.

Sparked by the GDPR, 42 U.S. states and other countries worldwide have initiated
data privacy legislation. The most notable of this group is the California
Consumer Privacy Act, which has been enforced as of July 1, 2020. This new
legislation alone has resulted in over 50 lawsuits spurring from violations.

The bottom line for retailers is simple: It’s crucial to comply with privacy
regulations that encompass your operational scope.

Implementing a GDPR awareness solution designed for retailers can help educate
staff directly with the customers, whether online or face-to-face, to better
protect personal information.


2. ENSURE EMPLOYEES UNDERSTAND YOUR CYBER SECURITY BEST PRACTICES

Employees can either be the weakest link or the first line of defense in an
organization’s cyber security posture.

On the one hand, untrained, unprepared employees are unable to consistently
detect and avoid cyber threats and, as a result, are more likely to fall victim
to phishing schemes. They may also be more susceptible to having equipment
stolen or compromised due to preventable behavior.

Retail organizations that implement risk-based security awareness
training programs can motivate employees to adopt a cyber secure mindset and
enhance information security initiatives instead of inhibiting them.

The human factor, regardless of how secure a retailer’s technical infrastructure
is or how recently they’ve upgraded their antivirus software, is an essential
step in safeguarding against cyber attacks.


3. IMPLEMENT MULTI-FACTOR AUTHENTICATION FOR TRANSACTIONS

In the wake of the 2013 Target breach—one that cost the U.S. retail giant $18.5
million in a multistate court settlement—U.S. retailers aggressively moved to
implement the EMV® payment system that uses credit and debit cards with embedded
chips requiring a PIN or signature to complete the transaction.

However, online retailers can’t utilize the added layers of security that come
with those types of cards. Instead, it’s essential that they take advantage of
multi-factor authentication (MFA) options at their disposal to prevent
fraudulent activity.

Whether it’s a unique numeric code or completing a reCaptcha request, these
distinct authentication methods help retailers provide consumers with a smooth,
secure checkout process, leaving both parties with peace of mind.


4. CHECK YOUR SITE FOR MALICIOUS CODES

With chip cards and MFA considerations helping to curb data compromise at a
point of sale, fraudsters are turning to new ways to capture your personal
information during online, card-not-present transactions.

For example, Brian Krebs wrote about how bad actors are compromising e-commerce
sites with malicious code. Krebs cites a security vendor that suggests how
British Airways was breached and another vendor that said it saw 250,000 of
these incidents in September 2018.

Krebs recommends that retailers who want to make sure their site is free of
malicious code can use an online source code viewer to safely view the HTML code
on any webpage without having to render it in an internet browser.


5. CHECK YOUR POS TERMINALS AND NETWORK 

If you’re a retailer who’s going ahead with a physical shopping location this
holiday season, cyber security best practices like routinely auditing loosely
staffed payment terminals at self-checkouts, is key.

This practice helps ensure skimmers haven’t been attached to capture sensitive
consumer information like PIN numbers or account details. It’s also a good idea
to regularly check your in-store Wi-Fi access point and network for rogue
devices that a bad actor may have installed.


6. ENCRYPT THE DATA AND NETWORK

Even if you’ve done everything possible to prevent customer data from
compromise, bad actors are always evolving their strategy and tactics. An easy
way to keep your data secure is to enable file and network encryption wherever
possible.

If you encrypt the data, it will stay protected no matter where it resides, even
if cyber criminals gain access to it. This extends to VPN protection for your
work-related Wi-Fi network, a crucial security layer for anyone accessing or
sending sensitive information over that connection.


HAVE A WELL-DEFINED RECOVERY PLAN

Even if you take all these precautions, it's possible that a cyber attack can
slip through the cracks. To avoid chaos and permanent data loss, ensure that
your organization has a well-defined, ready to execute recovery plan in place.
This type of strategy includes data backup and system reset details, as well as
alignment with internet or hosting service providers.




CYBER SECURITY HUB : ACCESS EXCLUSIVE CYBER SECURITY CONTENT

Sign up now to access engaging, shareable cyber security awareness content
that’s available in multiple formats.

ACCESS THE HUB
Related Solutions
Data Security
Related Content
Blog
10 Most Desired Traits of a Cyber Security Professional
Blog
131 Cyber Security Statistics: 2024 Trends and Data
Blog
Protecting Retail Businesses from Cyber Attacks
 * +1 800-328-1000
 * Email Us
 * Request Support
 * Subscribe

   
 * X Find us on X
 * LinkedIn Find us on LinkedIn
 * Youtube Find us on Youtube


FOOTER


TRAINING

 * Cyber Security Training for Employees
 * Privacy Awareness
 * Phishing Simulation
 * Compliance & Governance
 * Cyber Games


GET STARTED

 * Platform Overview
 * Free Demo
 * Request a Quote
 * Phishing Simulation Trial
 * Guide to Security Awareness Training


COMPANY

 * About Terranova Security
 * Join Our Team
 * Customer Support


CONTACT INFORMATION


PRIVACY POLICY


COOKIE POLICY


IMPRESSUM

Copyright © Fortra, LLC and its group of companies. All trademarks and
registered trademarks are the property of their respective owners.