As cybercriminals step up efforts to exploit and disrupt retailers, security experts and industry insiders are looking for ways to deal with the threats they face on a daily basis.
In the past year, the number of attacks carried out against retailers has doubled, with the majority of organisations facing at least two attempted breaches every seven days – http://www.telegraph.co.uk/news/2017/08/13/cyber-attacks-online-retailers-double-year-hackers-try-steal/.
The main reason that retailers are being targeted in such a significant, unrelenting way is that criminal gangs want to gain access to the vast stores of customer data for which they are responsible.
Everything from names and addresses to payment card data can potentially be extracted from computer systems and devices used by retailers, which is why investing in endpoint security solutions like those from promisec.com is the only sensible option for firms that want to minimise the risks.
The problem is compounded by the fact that retailers cannot simply ditch this data as soon as a transaction has been completed since it is immensely valuable and enables them to tailor services to the needs of modern consumers and optimise the online shopping experience in an increasingly competitive marketplace.
Retailers are well aware of the rise in cybercrime and the increased likelihood that they will be attacked, but it is not simply a case of dramatically increasing security to overcome the threats. This is because, with each extra layer of protection that is added, the quality of the customer experience will suffer. Consumers are particularly sensitive to sluggish, protracted and overly complicated e-commerce experiences and will likely head to a rival site rather than putting up with a more secure yet less fluid offering elsewhere. This is causing some retailers to turn to passive security measures which combine big data analytics with threat detection to study how users behave and harness this information to work out when any suspicious activity is occurring.
Many security experts argue that it is also important to address the means of authentication that are in use, as the classic combination of an email-derived username and a user-chosen password can be all too easily subverted. Biometric technologies, such as fingerprint scanning and facial recognition, are coming into play in this marketplace, although at the moment there is no one ideal solution on the table.