Tuesday 5 November 2024
 
»
 
»
Story

Data breach a growing concern for retailers - report

LONDON, July 24, 2017

Two in five retailers across the globe have experienced a data breach in the past year, according to the 2017 Thales Data Threat Report, Retail Edition, released today.

The report, issued by Thales, a leader in critical information systems, cybersecurity and data security, in conjunction with analyst firm 451 Research, reveals that a staggering 43 per cent of retailers had experienced a data breach in the last year, with a third (32 per cent) claiming more than one.

With 60 per cent claiming that they had been breached in the past, it’s perhaps unsurprising to learn that the majority (88 per cent) of retailers consider themselves to be ‘vulnerable’ to data threats, with 37 per cent stating they are ‘very’ or ‘extremely’ vulnerable.

As a result, three quarters (73 per cent) of retailers expect their spending on IT security to increase.

Taking steps toward compliance
An increase in regulations such as the forthcoming EU GDPR has led to greater awareness and concern around issues of data privacy and sovereignty, with 72 per cent of retailers claiming to be impacted.

The report reveals that, in an effort to comply with these new requirements, almost two thirds of retailers (64 per cent) are encrypting their data, 40 per cent are tokenising data, and a similar number (36 per cent) are implementing a migration project.

Pressures to use advanced technology increase risk
According to the report, half of retail organisations (52 per cent) will use sensitive data in a big data environment this year, with a third (34 per cent) using encryption to protect that data. Despite this, however, 39 per cent were very concerned that they’re using these environments without proper security in place.

What’s more, the report found that as adoption of cloud and SaaS environments continues to rise, so too do concerns regarding their safe use. Two-thirds of retailers (67 per cent), for example, claimed to be very or extremely concerned about cloud service providers (CSPs) falling victim to security breaches or attacks. A similar number (66 per cent) expressed concerns around vulnerabilities in shared infrastructure, and 65 per cent were worried about the custodianship of the encryption keys used to protect their data.

63 per cent of respondents suggested that such fears could be allayed through the use of data encryption in the cloud, with keys being controlled at the retailer’s premises, while half (52 per cent) preferred the CSPs to control the keys.

Garrett Bekker, principal analyst for information security at 451 Research said: “Breach results were not so rosy for global retail – a staggering 43 per cent of global retail respondents reported a breach in the past year alone, approaching twice the global average. These distressing breach rates serve as stark proof that data on any system can be attacked and compromised. Unfortunately, organisations keep spending on the same security solutions that worked for them in the past, but aren’t necessarily the most effective at stopping modern breaches.”

Peter Galvin, vice president of strategy, Thales e-Security said: “With tremendous sets of detailed customer behaviour and personal information in their custody, retailers are a prime target for hackers so should look to invest more in data-centric protection. And as retailers dive head first into new technologies, data security must be a top priority as they continue to pursue their digital transformation.”

Retail organisations interested in improving their overall security postures should strongly consider:
• Deploying security tool sets that offer services-based deployments, platforms and automation;
• Discovering and classifying the location of sensitive data within cloud, SaaS, big data, IoT and container environments; and
• Leveraging encryption and Bring Your Own Key (BYOK) technologies for all advanced technologies. - TradeArabia News Service




Tags: data | retail | breach |

More IT & Telecommunications Stories

calendarCalendar of Events

Ads