8 Holiday Security Tips for Retailers
Here's how retailers can protect their businesses from attackers and scammers hoping to wreak havoc during the most wonderful time of the year.
Another Halloween is in the books, Thanksgiving is only four weeks away, and, before you know it, the Christmas rush will be in full swing.
Once again, the holiday season is upon us, and for retailers, especially, that means an especially busy time. Online sales, for example, are expected to jump 14% to 18% this year compared to 2018, according to the 2019 Deloitte holiday retail survey.
The holiday season is also a time for retailers to be proactive about security. Among the highest risk factors, according to Muktar Kelati, director of intelligence operations for the Retail & Hospitality ISAC (RH-ISAC), are employee negligence or poor security hygiene, unpatched vulnerable systems, misconfiguration or poor security of publicly accessible online resources, and older point-of-sale (POS) systems.
"The industry has realized that security is a broad problem that requires a multifaceted approach from not only the retail sector, but the financial sector that issues and manages the payment infrastructure, as well as supply chain partners, third-party service providers, the major technology players and the public sector," Keltai says.
Retailers also should be on the lookout for ransomware attacks, including those tied to distributed denial-of-service (DDoS) attacks, adds Adam Levin, founder of CyberScout.
"Small retailers are also vulnerable," he says. "They often don't have the training, budget, or resources, but it's important to keep in mind that no business is too small or unimportant for a hacker."
With that as a backdrop, retailers can use these eight security tips to prepare for the holiday rush. Have a safe and prosperous season.
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024