May 09 2023

3 Core Cybersecurity Priorities for Retailers and How to Address Them

Security expert Richard Purizaca offers advice on securing infrastructure, protecting consumer privacy and preventing breaches.

Cybercriminals have been increasing their attacks on retail businesses. That’s why 70 percent of industry CISOs say they expect their budgets to increase for the third year in a row in 2023, according to the Retail & Hospitality ISAC.

We spoke to Richard Purizaca, a senior field security solution architect with CDW who specializes in cybersecurity, about the challenges faced by modern retailers. He said that shrewd retailers understand that there are three core priorities they must confront when it comes to cybersecurity and offered guidance on how they should address each one.

BIZTECH: Can you talk a bit about the three core security issues that retailers must address?

PURIZACA: Yes, let’s take each one at a time. Retailers’ No. 1 priority must be to secure retail infrastructure communications. Retailers need to have a solid understanding of all the assets that exist within their network infrastructure. This requires having clear visibility of those assets to make sure they are monitoring them properly.

It’s important, first, to establish a security baseline: What’s a normal traffic pattern? And once retailers have that visibility and monitoring in place, they can detect when certain conditions happen that will go outside of that normal behavior. That’s what they need to take on in terms of doing some investigation work; if an anomaly happens, that is something to investigate further. That would be the proper way to secure retail infrastructure communications.

BIZTECH: Why is securing infrastructure communications such a concern?

PURIZACA: Well, the hackers are very sophisticated and they are targeting all industries. Part of the strategy is trying to stay on top of those advanced threats. Retailers should be asking themselves if they have the defenses in place if they are hit with a network attack. How long would it take to recover? Where are your weak spots?

This is particularly true for ransomware, where a hacker will basically encrypt all of your hard drives and folders. The hackers are targeting retail environments, especially in peak volume seasons like Christmas. Those are moments when retailers should stack up their defenses.

BIZTECH: What are some specific ways that retailers can strengthen infrastructure communications?

PURIZACA: Retailers should perform routine health checks on their solutions. It’s good tech hygiene. For example, if the customer has a firewall in place, and that has been configured for a couple of years now, it’s a smart call to go back in and check if the configurations need to be tuned up. It’s always good to perform those tests routinely to prevent cybersecurity threats.

BIZTECH: What's the second core issue?

PURIZACA: The next thing is that retailers must ensure they’re keeping consumer data private, so they have to handle consumer data properly. For credit card information or any type of consumer information, they need to have the proper security and encryption levels in place to make sure that line of communication is secure. Any retailer who manages consumer traffic and consumer data should have these security guardrails in place.

BIZTECH: Can you give an example of these security guardrails?

PURIZACA: Having a firewall in place that inspects all the data that’s coming in and out of that retail network would be one example of a critical security guardrail.

Say we have a retail clothing company out there that does a lot of external communication with their partners or does direct-to-consumer business with orders online. When that communication reaches back to that retail headquarters, we have established guardrails: There’s a firewall in place that’s inspecting that traffic to determine that all the orders are valid. It’s ensuring that there is no malicious behavior going on within that processing flow. And that’s what the firewall is going to do. That’s the guardrail.

BIZTECH: That brings us to the third core issue: preventing network breaches. How do these security measures enable that?

PURIZACA: Preventing network breaches means monitoring employees and having an extra layer of visibility. You start with a solid fundamental security program, with monitoring and other tools. You also have a firewall, intrusion detection, URL filtering, endpoint protection and identity and access management. A lot of these tools work together to establish the proper security posture for businesses to avoid any type of network breaches, or at least to lessen the risk in terms of them being exposed to a network hack.

BIZTECH: Can you give an example of identity and access management in the retail context? Does that mean that all employees and consumers in the retail space are vetted through the network?

PURIZACA: It’s both the consumers and the employees. An example of identity and access management would be, if I work for a retail company and I’m allowed to access certain applications to do my job function, the IAM solution will basically confirm that I am who I say I am.

With these controls in place, an employee is given the exact amount of privileges to applications necessary to perform their job functions. Without identity and access management, I could look at financial applications or HR records of other employees that I shouldn’t have access to. It provides an extra layer of protection and privacy. 

BIZTECH: I want to take these tools you’ve described and place them in a real-world context. Say you’re working with a major retailer and it is looking to set up a sophisticated cybersecurity system. How does CDW determine the right suite of tools for that retailer?

PURIZACA: Typically, we begin with an overall security maturity assessment. This gives us an idea of where the retail customer is in the security journey.

With these assessments, we examine the entire security footprint. That’s going to include all the security tools, what the process looks like, what the security process is, how the customer would react to a network hack and what is in place to mitigate that risk.

We also ask if a customer has the proper engineers and security analysts to detect breaches. And if they do detect a breach, what can they do about it? Can they mitigate it?

A security maturity assessment looks at the people, processes and the technology, and then we start to develop a roadmap. Once we have a baseline of strengths and weaknesses, we say, “Let us help you develop and strengthen your security posture holistically.”

BIZTECH: Say a retail customer does a security assessment and takes your advice. How can the retailer measure improvement and success?

PURIZACA: There are a few different ways to gauge success. One would be by performing a penetration test. A penetration test will offer visibility into their strength perimeter. From that, we can see the weakest points. That would be from a services perspective, for example, or from a toolset perspective. We do work with some partners that can examine the customer’s environment and provide them with a report card of what their security posture looks like, whether it’s excellent, average or weaker in areas.
