“E-Commerce is evolving faster than ever. Blink, and you’ll miss the next big thing.” The theme of this year’s Internet Retailer Conference & Exhibition (IRCE) is more relevant than ever. The National Retail Federation predicts that online retail will grow three times faster than the industry as a whole in 2017. E-commerce has become the norm, so it’s critical that you understand the security threats facing you and your customers in order to safeguard your assets.
According to the Cisco 2017 Annual Cybersecurity Report, retail organizations consider cyberattacks the greatest risk facing their business, and almost a third of retailers have incurred losses because of internet security breaches. Let’s look at some of the most common security challenges Internet retailers will deal with today, and how you can use strong Payment Card Industry Data Security Standards (PCI DSS) Compliance requirements and PCI-compliant hosting to combat those issues.
Card-Not-Present (CNP) Fraud
Researchers at the Aité Group found that CNP accounts for 45% of all credit card fraud in the United States. The shift to EMV, also known as chip-and-pin credit cards, is a key factor in driving the surge in this type of cybercrime. Unfortunately, weak security measures, like retailers not turning on encryption for transactions, leads to the ability of criminals to exploit vulnerabilities in the new system. Although it might cost more upfront to invest in implementing strong security controls, the price is much lower than both the financial loss and loss of customer trust when (not if) a cyberattack happens.
Size Doesn’t Matter
Smaller organizations often lull themselves into a false sense of safety thinking that criminals will only go after the big fish. In reality, the majority – 62% — of data theft happens to small and medium-sized businesses. NPR recently reported on a small Indiana nonprofit supporting cancer patients that was hacked because attackers hoped they would obtain valuable medical records along with financial data. Just as not investing in security tools can be penny wise but pound foolish, it is just as dangerous to overlook risk management strategies and tactics by thinking that hackers won’t notice you.
Ransomware on the Rise
May saw the largest worldwide ransomware attack in history. The attack known as “WannaCry” or “Wanna Decryptor,” hit over 200,000 computers in 150 countries. Retailers might think they are less vulnerable to these attacks, however, as they continue to grow bigger and easier for hackers to execute, ransomware is a top threat facing online retailers. A key to protecting against retail ransomware attacks is to stay on top of system patches as they are released. PCI Compliant Hosting can be a useful partner in combating these types of threats as service providers maintain up-to-date security protections.
How Internet Retailers Can Deal with Security Threats
Retailers must understand PCI DSS requirements. Small size or industry type are not protections and all organizations should ensure their security strategies (logical and physical) are robust, and a key element in implementing online security is PCI-compliant hosting. The best of these hosting solutions offers industry-leading firewalls to protect the network’s perimeter, 256-bit AES encrypted storage and backup to protect cardholder data, disaster recovery to protect and recovery sensitive data, combined with centralized anti-virus software to detect and remove malware.
Ready to Learn More?
Join OnRamp at IRCE 2017 in Chicago, June 6-9, at McCormick Place West to discover the very latest products and services in e-commerce. You’ll hear from industry leaders like keynote speaker, Mary Beth Laughton, senior vice president at Sephora. And, have a chance to learn during sessions covering everything from how to map your customer experience to guide technology investment, to how to build a business case for making an IT investment.
Additional Resources on This Topic: