The Australian retail sector is the third most targeted industry when it comes to cyberattacks, after finance and healthcare, the Office of the Australian Information Commissioner’s Notifiable Data Breaches report has revealed.
With the increasing sophistication in cybercrime, the rise in regulatory demands, and high expectations for digital experiences, exposure management company, Tenable is urging fashion brands to strengthen their cyber defences and make Active Directory (AD) security a strategic imperative.
“AD has become the favoured target for attackers to elevate privileges and facilitate lateral movement through leveraging known flaws and misconfigurations,” Tenable Australia and New Zealand country manager, Scott McKinnel said.
“Unfortunately, most fashion organisations struggle with AD security due to misconfigurations piling up as domains increase in complexity, leaving security teams unable to find and fix flaws before they become business-impacting issues.”
The fashion industry, like many other industries, faces a number of security challenges when it comes to protecting its AD environment.
Mergers & Acquisitions
Mergers and Acquisitions (M&A) can present a significant challenge for the fashion industry when it comes to AD security. During the M&A process, companies may need to merge multiple AD environments which can be complex and time-consuming and can be difficult to ensure that all systems and data are properly integrated and secured.
Supply chain attack risk
Supply chain attacks target vulnerable third-party suppliers or vendors to gain access to a target organisation’s systems and data. In the context of AD, an attacker could exploit vulnerabilities in a third-party software or service integrated with AD to gain access to sensitive information, such as customer data and financial information
Protection of IP and data exfiltration threats
Data is the most valuable asset for fashion businesses. The idea of data security for the fashion vertical has expanded beyond the traditional safeguarding of designs and patterns to include valuable information regarding customer demographics and shopping habits. The main security threat comes from industrial espionage.
Tenable Active Directory is equipped with the capabilities to proactively detect security threats within a fashion company’s AD infrastructure — arising from merger & acquisition activities, weak links in the supply chain and poorly guarded data— and respond to live attacks to stop attackers in their tracks.