Study: Retailers are among cyber criminals’ top targets
Despite an encouraging decrease in data breaches last year, cyberattacks are not only on the rise in retail, they are gaining momentum.
Seventy-five percent of retailers have experienced a data breach in the past compared to 52% last year, exceeding the global average, according to the “2018 Thales Data Threat Report, Retail Edition,” from critical information systems provider Thales.
Retail data breaches in the United States more than doubled to 50% from 19% in the 2017 survey. This massive increase drove U.S. retail to be the second highest vertical polled to experience a data breach in the last year, ahead of healthcare and financial services, and only slightly behind the U.S. federal government, according to the study.
Despite these intrusions, U.S. retail is increasingly inclined to store sensitive data in the cloud as widespread digital transformation is underway. Yet, only 26% of companies reported implementing encryption — which trails the global average.
Meanwhile, 95% of U.S. retail organizations plan to use sensitive data in an advanced technology environment (such as cloud, big data, IoT and containers) this year. More than half believe that sensitive data use is happening now in these environments without proper security in place.
In the U.S., the traditional concerns about data security related to perceived complexity and business performance impact are now outpaced by a perceived lack of need (52%). A lack of organizational buy-in was tied to 41% of respondents not perceiving a need for data security.
The good news is that 84% of U.S. retail organizations plan to increase IT security spending, and 28% noted the increase would be significant. The bad news is that spending is not going to what respondents believe are the most effective defenses.
The retail sector recognizes the need for encryption to protect sensitive data, with 49% requiring encryption to increase cloud usage and 44% needing system level encryption and access controls to expand the use of big data. More than half (52%) believe encryption (along with anti-malware tools) is needed to drive IoT adoption. This is in addition to encryption being the number one choice to satisfy compliance and data security laws, such as GDPR, Korea’s PIPA and APPI in Japan.
Seemingly contradicting themselves, both U.S. and global retail ranked end-point and mobile defenses as those that will get the largest spending increase (72% U.S.; 52% global) even though they rank them the least effective. A bright spot is that more organizations recognize the threat to cloud data, as 49% of respondents have ranked cloud at the top of their IT security spending priorities.
Other key findings include:
• Sixty-seven percent of U.S. retailers are planning to implement database and file encryption this year;
• Two of the top three tools needed for additional cloud use are encryption with enterprise key control or cloud provider key management; and
• For the first time, compliance is not identified as one of the top five security spending drivers.
“This year’s significant increase in data breach rates should be a wakeup call for all retail organizations,” said Peter Galvin, chief strategy officer, Thales eSecurity.
“Digital transformation is well underway and the business benefits of the cloud, big data, IoT and mobile payment technologies are compelling and fueling widespread adoption,” he said. “However, with the flow of sensitive data through all of these disparate platforms and technologies, the attack surface increases exponentially and with it, the risk of a data breach.”
No comments found
The key to driving mobile wallet usage is…
Mobile wallets may enable users to electronically and seamlessly pay for merchandise, however digital payments are not driving usage.
Promotions are the No. 1 reason consumers are drawn to mobile wallets, especially since consumers are ready to go digital with coupons and loyalty cards, according to the “U.S. Consumer Mobile Report,” from mobile marketing company Vibes.
Nearly 100% of consumers said they would save content, such as promotions, loyalty cards and coupons, to their mobile wallet if they were tailored to them. Just one quarter (27%) of respondents said they would adopt a mobile wallet if it would make their life easier, by organizing things like offers, loyalty cards or airline boarding passes.
This suggests that a gap exists between what consumers want from brands and what is currently being offered to them, according to the study.
Conversely, use of new messaging apps, like Facebook Messenger, is steadily growing. More than half (61%) of respondents subscribe to mobile messaging because of incentives or coupons, combined with 55% who subscribe because of loyalty rewards points.
Moving forward, brands should leverage loyalty offers more regularly in their messaging, rather than leaning on convenience, to promote adoption of these channels. Further, brands need to strike a balance with message volume. Consumers who find text messaging useful will be drawn to value-based communications (like incentives and rewards). They will unsubscribe if they receive too many messages, the study revealed.
The same holds true for mobile apps overall. Brands must stay current and cutting-edge if they want to secure real estate on a customer’s smart device. Retailer, restaurant and brand apps remain the most commonly downloaded type of app, but consumers will delete apps if they are unused or take up too much storage, the study said.
“The findings show that consumers’ increasing use of wallet is for storing loyalty cards, coupons, and tickets – it’s not about payments,” said Jack Philbin, co-founder and CEO of Vibes.
“In fact, the largest consumer use case is currently boarding passes which have been live in Apple Wallet for years and are now supported by Google as well. Simply having an app is no longer enough for brands to cut through the clutter. Consumers want personalization – this is what must be reflected in mobile strategy across channels where consumers spend their time.”
No comments found