Skip to main content

Understanding, Preventing and Detecting Retail Breaches

April 10, 2014

Recently, there have been a number of high-profile cyber-attacks in the retail industry. These security breaches are becoming more and more commonplace due to the large payoff to criminals in seizing digital information. Earlier today we published a white paper on this topic, which lays out how a malicious attack occurs, and how it can be prevented or detected. You can read the full paper here.

There are a variety of techniques that an attacker uses to gain access to sensitive information and exfiltrate the data outside of a retailer’s network. While many companies are focused on anti-malware for point of sale (POS) systems, it’s important to understand and remediate the different vectors that an attacker may use to gain access to the POS or corporate systems. Understanding the patterns and profiles provides a method to prevent or detect the attacks as they are occurring.

Many times an attack can be stopped with a holistic approach that takes a broad perspective of your corporate system, processes and the people in the environment. There are several key security initiatives that can significantly reduce the risk of an attack in a retail setting:

  • Installing and maintaining commercial anti-malware protection.
  • Performing application penetration testing.
  • Training application development staff on secure coding techniques.
  • Implementing a vulnerability management program.
  • Ensuring that security event monitoring is capturing and reporting critical security alerts and that staff is ready to react to the alerts.
  • Having a trained and tested incident response team.

Attacks can occur in any industry sector that holds sensitive data, such as healthcare records or intellectual property. The lessons we are learning from the retail sector can be applied across a number of industries.

 

Related Blogs

February 15, 2018

Security Simplified

It's no secret that data breaches are an ugly reality for businesses today, and despite ever increasing investments, organizations seem unable to stem...

See Details

January 12, 2018

Regarding Spectre and Meltdown

On January 3, 2018, the Graz University of Technology released their papers on identified vulnerabilities dubbed “Meltdown” and “Spectre” via the webs...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

Related Insights

January 24, 2014

Trends in Credit Card Data Breaches and Why You Should Be Concerned

As FishNet Security's Incident Management team handled credit card data breaches, PFIs and other response engagements in 2013, they observed a rise in...

See Details

October 02, 2012

Retail Industry Information Security Trends | Optiv

As it has been the last several years, security in retail is primarily driven by the need to be PCI compliant. Secondary security drivers are privacy ...

See Details

July 15, 2014

So Many Breaches…What’s Being Done?

It seems that every day we’re hearing news of a new vulnerability or breach that is compromising data. Will this ever end? Unfortunately, no – it’s th...

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cyber security Events in your area.