Two Thirds of Retailers Increase Cybersecurity Measures During the Holiday Season
Infoblox Inc has announced in the last week new research revealing how retailers across the globe invest more in cybersecurity during the holiday period than at any other time of the year due to a seasonal increase in social engineering attacks. The research also found that threats like unpatched security vulnerabilities, insecure IoT devices, and the online consumers themselves are a risk to retailers this time of year.
The report titled, 'Retail Risks Revealed: Cybersecurity Threats at All Time High During the Holidays' details the findings from a survey 3,000 consumers and retail IT professionals in the UK, Germany, Netherlands and the U.S. on their experiences and attitudes towards online data privacy and security while shopping online during the holidays.
Sixty two percent of UK and German retailers claim to increase cybersecurity measures during the holiday season, with a third in each region citing a rise in social engineering attacks (35 percent in U.S., 34 percent in UK, 30 percent in Germany), aside from the Netherlands where social engineering attacks dominated for just over a quarter of businesses – though this was still the most common attack vector. Other kinds of attacks include:
- Social media scams – 19 percent in U.S., 15 percent in UK, 14 percent in the Netherlands, 12 percent in Germany
- DDoS attacks – 20 percent in the Netherlands, 17 percent in Germany, 12 percent in UK, 7 percent in U.S.
- Ransomware – 12 percent in U.S., 11 percent in Germany, 10 percent in UK, 9 percent in the Netherlands
44 percent of U.S.-based IT decision makers in retail say implementing new technology makes them more concerned, yet 44 percent of retailers plan to implement IoT devices like Amazon Alexa and Google Home in stores within the next 12 months. In the UK, artificial intelligence (43%) leads as the technology most likely to be implemented within the next year, followed by IoT devices (35%), fourth screen technology (24%), Omni channel technology (23%), and augmented reality (17%). Similar to the US, the majority of IT decision makers in the UK say they're concerned about new technologies, a stark contrast from the Netherlands where only 20 percent are concerned.
While the majority of global consumers shop online to some degree,17 percent of shoppers do nothing to protect their data while shopping online. The UK is the most complacent with just one in five taking no proactive action to protect their data. On the other hand, German consumers are more cautious when shopping online - with more than half of (53%) consumers only shopping on secured WiFi networks, and 62 percent of companies reporting implementing extra protection for consumers.
"The level of online shopping activity always increases significantly during the holiday season and can provide rich pickings for the opportunistic cyber-criminal, so it's no coincidence that more than half of retailers will increase their cybersecurity spending during their most prosperous and dangerous time of year," said Victor Danevich, CTO of Systems Engineering at Infoblox. "It's critical that enterprises take measures to get additional network visibility, so they can respond quickly to potential cyber incidents which could result in lost revenue and brand damage."
In order to prevent unwanted network activity and vulnerabilities during peak online shopping seasons, retailers need to gain complete visibility into their network. Intelligent DNS security solutions can help detect vulnerabilities by identifying unusual and potentially malicious network activity and provide deeper control at the infrastructure level. To stop sophisticated attacks like phishing, social media scams and social engineering, retailers need network monitoring solutions that leverage machine learning and artificial intelligence to identify malicious actors and potential cyber-attacks.
source prnewswire
Industry: Cyber Security News
Latest Jobs
-
- IDAM, Identity and Access Management consultant
- London
- N/A
-
The IDAM Consultant is responsible for leading implementation and support of high quality Identity and Access Management services while adhering to standards and best practices. The ideal Candidate would have experience primarily in IAM to serve as a member of a key client engagement teams that assist clients in employing proper information systems, resources, and controls to maximize efficiencies and minimize risk. Ability to take up challenges, adapt to the business needs, and staying focused on delivering results are essential to the success of this role. Key Accountabilities: • Serve as key member of the Identity Management Implementation teams delivering projects at client locations based from Home/London. • Participate in customer work shop to gathering understanding of the customer’s business requirements as it pertains to a solution to manage information security in their organization. Liaise with organizational teams such as Audit, Enterprise Architecture, Help Desk and Application owners • Develop and present a roadmap for security and identity and access management policies • Participate in detailed design and architecture workshops that will address requirements related to people, processes and technology • Perform hands-on implementation, troubleshooting, and setup of the technical infrastructure. • Provide training and knowledge transfer to internal employees and customers on various identity management products and technologies Qualifications Must Have Requisites: Must have previous years of experience and solid knowledge of: • Any Identity Manager: • Any Single Sign On Solution: • Directory servers: Sun DS, ODIEE • Application/Web Server: Websphere, Jboss, Weblogic, Tomcat • Languages: Java, .Net, Xpress • Web Technologies : HTML, XML • Operating Systems: Windows 2003/2008/2012, Unix, Solaris • Tools: VMware Workstation, LDAP Browser, SQL Developer
-
- Contract Cyber Security Project Manager
- London
- N/A
-
Aiding in the transformation of Cyber related projects and programmes ideally with Cloud Azure experience. Experience managing multiple project workstreams including Privileged access management (PAM) projects preferred. Prince2 experience. Outside IR35 Clients based in London
-
- Cloud Security Application architect, Contract
- London
- N/A
-
CSenior Cloud Security Application Architect / Security Consultant with a Cloud Application development background is needed for a 3-6 month initial contract (which is likely to extend) to help a Global business define, design, realign , document and migrate Cloud based applications / solutions in a secure way. Experience must include; Cloud Enterprise application architecture, an application development knowledge (tools, automation / deployment solutions), a background from a development would be ideal (this is not hands on development) but it would always help, This position will help drive the review and development of their cloud security offerings. Broader knowledge security policies and compliance is highly desirable. Client based in London
-
- Identity & Access Management Architect Contractor
- London
- N/A
-
Identity & Access Management Architect Contractor London • Extensive PAM / IAM experience required, • MUST have CyberArk and or Beyondtrust. Privileged access management • Technical review, recommendation, design and hands on technical skills key. • Cloud Azure architect experience ideal. • 6 month contract • Outside IR35