News By Tag
News By Place
Big Data Security in Today's Retail World
Despite a decade or more of effort and spending in the billion-dollar range, the global retail industry remains inadequately protected against data thievery and malicious attacks on the sensitive financial and personally identifiable information on which it depends. Of the 970 financial professionals who responded to a survey at the Association for Finance Professionals conference in 2013, 62% said that their organization has been subject to either an actual or attempted cyber-attack at least once over the past year -- and those are just the known attacks. Some attacks aren't discovered until a year or more later, at which point the damage can be insurmountable. Not only do these attacks decimate a company's reputation, they also represent a high financial cost: customers' credit cards must be replaced, for example, and stock prices often take a significant hit.
Historically, retail CIOs have been charged with addressing data vulnerabilities but CFOs are increasingly playing a crucial role in the important work of security management. According to Deloitte's third-quarter 2014 CFO Signals™ report, 74% of the 103 CFOs surveyed said cyber-security is a top priority, while only 6% deemed it a lower priority. Retail CFOs, for one, are responsible for maintaining control over financial reporting, and must understand where information is at all times -- and how it is secured -- to prevent loss of funds through theft or the cascading effect of a business partner's security breach. CFOs are also expected, of course, to provide complete disclosure to their corporate board, including disclosure about the possibility of cyber-attack and its potential effect on the financial standing of the company.
With the booming popularity of online shopping and shopping apps, Big Data security at the application level is of paramount importance. Although these websites and apps make shopping simple and convenient, they can also jeopardize customer data when data-sharing protections such as encryption, access-control technologies and digital certificates are not adequately robust or standardized across-the-board.
Retail transactions have always been a target for thieves, and transactional-
Service-level attacks, while not as common as those at the transactional level, still represent a significant threat to Big Data security for retail. IBM Security Intelligence reports that attacks by those with intimate knowledge of retail companies account for only 3 percent of data security breaches, but the fallout can be monumental. Moreover, when a culture of security is not established within a company, a service-level breach at one checkpoint within a company can lead to a domino effect.
At the infrastructure level, retail companies have seen a surge of distributed denial-of-service (DDoS) attacks, an attempt by multiple servers to send simultaneous requests to the target's Web servers with the intent of making them crash. When a retail website crashes, its customers go elsewhere. Even worse, attackers often use DDoS attacks to distract a company while they simultaneously steal customer data. Compounding the problem is a sector-wide dependence on legacy or unpatched technologies. Insecure system configurations can also facilitate or exacerbate these attacks, and companies must also increasingly consider the safety of IoT-based devices such as printers and security cameras. Even wireless access or the in-store voice or IP network can pose a security hazard when malicious hackers can gain access.
Yet for all the security risks attributed to Big Data, retail companies' confidential data files -- such as internal emails and audio recordings of telephone conversations -- also provide a means to manage that risk. One example that can provide Big Data security at the service level is a technology called "natural language processing,"
Round World Solutions' Big Data 360-degree Tool can assist CXOs as they take effective measures to both prevent and mitigate cyber attacks by criminal organizations, hacktivists and espionage units worldwide. Our custom, template-driven checklist can determine the level of risk at every level of security management, provide a window into how targeted information might be used by cyber criminals in an ever-changing threat environment and help companies act swiftly to determine the nature of an attack and reduce damage should an attack occur.
The cost of a cyber-attack, whether financial or reputational, can be astounding.
By Tiffany Fox
Public Information Officer
For more information on our exclusive Fortune 1000 CXO Interview Panel, where we discuss Big Data Security and similar topics with other CXOs in the marketplace, visit http://iccgusa.com
Emi Hara, Vice President, Solutions & Delivery