In the dynamic world of retail, the constant threat of cyberattacks requires ongoing vigilance. While the holiday season often sees a surge in consumer activity, the truth is that, in today’s interconnected landscape, retailers must adopt strategies to safeguard their systems throughout the year.
From legacy CCTV to contemporary technologies, every component of a retailer’s system is susceptible to cyberthreats that can have significant repercussions. Although transitioning from legacy CCTV and analog devices to contemporary physical technologies can yield valuable data insights, failure to secure these technologies properly might inadvertently introduce vulnerabilities into the system.
Today’s cameras and IoT devices collect valuable data that must be protected, as the implications from a breach can be critical and result in significant loss to businesses. For example, a recent IBM report revealed that the average cost of a retail data breach is around USD 2.96 million.
Further still, the retail sector has access to more personally identifiable information (PII) from customers than most industries, meaning it is particularly lucrative for cybercriminals. With the potential risk of theft of customer data and PII, cybersecurity should, therefore, be a high priority for retailers.
Why prioritise cybersecurity in the surveillance system
When it comes to hardening defences against attacks like these, access to threat intelligence and other threat intel sources provides businesses with a competitive advantage. Regardless of the quality of video that an organisation’s surveillance system provides, it’s crucial that its suppliers demonstrate a high level of cybersecurity maturity and offer measures that help protect its system.
In line with this, it’s important to ensure that the software used is fully updated to include the security patches. As part of security management, retailers should be looking to ensure that their entire system is protected from potential attack, including identification of any potential weaknesses that could result in the system being compromised.
A proactive approach of conducting regular security audits and vulnerability assessments can help organisations identify and address potential weaknesses in the system before they can be exploited by threat actors.
Overall, the surveillance vendor should provide software tools that help them manage risk, and a reliable partner should advise on best practices to maximise protection against evolving threats.
Preparing employees for cybersecurity
Human error is another common vulnerability, and the importance of cultivating a knowledgeable workforce cannot be overstated.
Employees are often the first line of defence against sophisticated phishing attempts and various social engineering tactics that cybercriminals employ, so ensuring the ongoing training of employees in cybersecurity best practices is paramount in fortifying a retailer’s defence against evolving cyber threats.
By instilling a comprehensive understanding of cybersecurity protocols and potential risks through regular training sessions, retailers can empower their staff to recognize and thwart malicious activities.
In this dynamic landscape of cyber threats, where tactics continually evolve, the role of well-informed employees becomes increasingly critical. Ongoing education can help retailers not only reduce the risk of human-related security breaches, but also foster a collective commitment to maintaining a secure digital infrastructure.
Data privacy: complying with the regulations
When it comes to protecting customer data and reducing the risk of fraud for the organisation, complying with local data privacy regulations is crucial.
The Australian Privacy Act 1988 offers the guidelines to governments agencies and businesses handling personal information.
For global retailers that operate in multiple jurisdictions or deal with global customers, it’s also important to observe cybersecurity practices that align with international standards, even if their headquarters are based in Australia.
Not complying with regulations and standards like this can bring catastrophic results, considering the costs of the breach itself and any related fines, the damage to a company’s reputation, and the loss of customer trust. For instance, research shows two-thirds (65%) of shoppers express they’d be likely to terminate their relationships with retailers after experiencing even just one instance of data theft or payment fraud.
Empowering retail resilience
The importance of cybersecurity in retail cannot be underestimated. Cybersecurity spans the entire retail and logistics supply chain and so it’s important to protect computer networks and data. By working with suppliers who value cybersecurity, businesses are one step closer to ensuring that they are prepared to face the spike in cyberthreats.
Given the current economic climate and the fact that retailers are, understandably, wary of losing customers, bolstering cybersecurity, and taking proactive steps to keep customer data safe is more important than ever before.
Rodney Guinto is account executive at Axis Communications.