Oct 17 2023

Retail Cybersecurity in an Expanding Threat Landscape

With foundational pillars of security in place, retailers can come closer to assuring customers that their data is safe.

By the nature of their business, retail companies hold data on their customers. That makes them better able to track customers and market to them — and it also places customer data at risk, thanks to a broad and ever-changing set of cyberthreats such as ransomware, advanced persistent threats and attacks on Internet of Things devices.

As the retail sector enters its busiest and most profitable season, IT teams must heighten their awareness of cyberthreats, prepare their defenses and implement active approaches to mitigating risk. The time is now: Research indicates that the second quarter of 2023 saw an 8 percent rise in weekly cyberattacks, with no signs of slowing. Read on to learn about three solutions that can support retailers in their cybersecurity quest.

Click the banner below to learn how you can prevent loss and improve security in your organization.

Critical Security Solution #1: Managed Detection and Response

One component of Security as a Service solutions, managed detection and response is an outsourced form of security support in which a third party provides monitoring, analytics, threat detection and threat neutralization for an organization. Incident response is a part of MDR, such as that offered by Sophos, that integrates into other security tools that retailers may already be using to provide 24/7, human-led responses.

MDR services include technological tools (web monitoring, endpoint detection solutions, threat intelligence feeds) while incorporating the expertise of experienced staffers who are skilled in differentiating between legitimate threats and false positives. This allows retailers to focus on additional security needs along with operations and overarching strategy, letting them minimize on-the-ground threats (shrinkage) as well as cybersecurity threats such as malware, APTs, social engineering and Denial of Service attacks.

DISCOVER: Find out how smart shelves are improving retail security.

Critical Security Solution #2: Zero-Trust Security Strategies

Zero-trust security architectures assume a baseline of defense against all users and systems, with no users assumed to be safe. This can be particularly useful in a retail environment, which often sees employee and insider theft contributing to shrinkage.

The specific solutions involved with a zero-trust approach can include security hardening, runtime code analysis, API security and the ability to create granular network segmentation across environments, all features included in zero-trust solutions such as those by Check Point.

Zero trust supports retailers in achieving their key business objectives. It works in tandem with MDR solutions to continuously monitor access and reduce the risk of data breaches. As a ground-up strategy, it can be designed to be as agile as an organization needs, allowing IT leaders to adjust to manage increasingly sophisticated cyberattacks.

READ MORE: Learn how a zero trust approach can protect your customer data.

Critical Security Solution #3: Security Info and Event Management

Security information and event management solutions can help reduce vulnerabilities and potentially limit the scope of data breaches. While MDR is focused on threat detection and response, SIEM looks at analytics and data collection, granting users visibility into activity on their systems. When a threat occurs, a SIEM tool might be used to analyze the threat for future protection; an MDR tool might be used in real time to ameliorate the damage.

This dual-track protection is important because of both the speed that a cyberattack can progress in the sector and the amount of time it can take for retailers to detect and respond to threats.

SIEM tools can also include strengthened identity management, such as those offered by RSA, which offers a robust unified identity platform and identity access management tools, and by Cisco, which offers network security and employee device protection, among other services.

When a zero-trust approach is applied, both MDR and SIEM solutions can do their work. The platforms and tools used by each component of retail cybersecurity architecture may vary, but with a thoughtful, holistic approach, retailers can set themselves up for a secure holiday season.

barisonal/getty images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.