The retail industry saw more than its fair share of data breaches in 2017, with security incidents detected at American supermarket chain Whole Foods Market and clothing companies Brooks Brothers, The Buckle, and Forever 21, to name a few.

At least some of those events likely resulted from retailers’ poor data breach preparation. Consider the fact that just 28 percent of IT security professionals told Tripwire in November 2017 that their organization had a fully tested plan in the event of a breach.

It’s also worth mentioning that close to half (44%) of companies included in Verizon’s 2017 Payment Security Report failed to protect payment card data on an ongoing basis and that 100 percent of all breached Payment Card Industry (PCI) certified companies had previously failed a PCI compliance audit.

So what can retailers do to make sure they don’t fall victim to a data breach in 2018?

Added protections like chip and PIN and end-to-end encryption are good improvements for consumers.

Even so, organizations would be wise to step up their defenses in 2018. That’s because malicious actors are constantly developing new methods of attack with which to target retailers. To illustrate, Forrester Research anticipates cyber-criminals will begin developing point-of-sale (POS) ransomware in 2018, making retailers their next lucrative target for extortion-based ransom demands.

Cybercrime shows no signs of slowing down. As a result, retailers would have a lot to gain by going beyond compliance and taking a holistic approach to securing and maintaining the integrity of their systems.

Such measures would help protect them against security incidents and their consequences like negative headlines, angry customers, and hefty fines. Take the European Union’s General Data Protection Regulation (GDPR), for example. Failure to comply with GDPR could be fined up to 4 percent of