October is Cybersecurity Month in the US and Europe, giving organisations from all industries an opportunity to assess their cybercrime resilience and security strength.
With big-name retailers and hospitality companies such as Dixons Carphone, Premier Inn operator Whitbread, and Superdrug among those under attack or breached in recent months, it seems like a great time for these adjacent sectors to place more attention on security. Here’s what to consider…
Know the major threats…
Specific cybersecurity threats for the 21st-century retail or hospitality company include, primarily, vulnerable Wi-Fi networks, weak point of sale defences, poor network configuration, inadequate staff education, and GDPR non-compliance.
More on the latter further on in the blog, but as for the others: these are – and have been for some time – the main reasons why retailers and hospitality businesses will succumb to an attack. If they haven’t already addressed it, what better time than Cybersecurity Month to get their houses in order?
…but don’t underestimate the wider cyber-threat landscape
Security professionals and authorities openly recognise that the rapid advancement of technology and the emergence of new customer engagement platforms makes it difficult for them to keep up with the criminals.
Cybercriminals are therefore always one step ahead, and organisations from all industries should be vigilant and move ahead with new strategies and deployments with caution – and with security always top of mind.
Consider the financial cost of attack
The British Retail Consortium estimates the annual cost of cybercrime to retail is in the hundreds of millions – letting your security defences down is evidently not a cheap pastime!
In its most recent report on retail crime, the trade association also said that almost half of its survey respondents had seen an increase in cybercrime over the course of the last year, giving further evidence to the suggestion that it’s a mounting threat.
Think about the reputational damage
Retailers and hospitality companies only have to look back a few years to 2013-2014, when almost three billion Yahoo! user accounts were affected in a hacking attack. The impact of the breach, when revealed, slashed the value of the entire business.
Cyber-risk puts jobs at risk
Until more recent big-name security problems, major US retailer Target was the poster child for data breaches in retail after its systems were compromised in the build up to the 2013 holiday season. It cost the company $18.5 million in settlement costs, following on from the $200 million-plus it spent on legal fees and related costs in the immediate aftermath of the breach.
Both the CEO and CIO at the time of the breach left the business soon after the problem came to light, showing the potential personnel cost of lax cybersecurity.
Get in the heads of hackers
Vodat’s Security Guide highlights some of the key tactics used by hackers. Defence is the best form of attack when it comes to staving off the criminals, so it’s good to know how they operate to.
Talk to others
The great thing about Cybersecurity Month is that businesses are all looking at the same issue together, in unison. Retailers and hospitality companies would be well placed to join the conversation with the likes of The European Union Agency for Network and Information Security, which is behind the campaign, to knowledge share and collaborate in the fight against crime.
The GDPR era
The buzz around GDPR compliance deadline earlier this year was palpable, but just because there’s no longer a race to email customers about changes in T&Cs and a scramble to get permission to hold their data, that doesn’t mean the new regulations are any less important.
There are new guidelines to follow, and retailers and hospitality companies should stay up to date with them to ensure compliance, because there are significant punishments for those who don’t.
Look for support
Vodat offers multiple solutions to provide robust security that is scalable, flexible and can be fully managed with 24/7 service and technical support. We’re here to help retail and hospitality companies strengthen their defences.
And finally… every month should be Cybersecurity Month
It’s great that various trade associations and prominent business groups have come together to form Cybersecurity Month and place a laser focus on a critical concern for modern businesses.
We argue that cybersecurity should not just be placed in the spotlight every October. Raising awareness levels should be an ongoing job.
As the high-profile breaches we’ve referenced show only too well; businesses are vulnerable – and the retail and hospitality sectors, which are rich in customer and transaction data, are operating with some of the largest targets on their back. It’s time for them to put up their security shields.