Understanding, Preventing and Detecting Retail Breaches

By James Christiansen ·

Recently, there have been a number of high-profile cyber-attacks in the retail industry. These security breaches are becoming more and more commonplace due to the large payoff to criminals in seizing digital information. Earlier today we published a white paper on this topic, which lays out how a malicious attack occurs, and how it can be prevented or detected. You can read the full paper here.

There are a variety of techniques that an attacker uses to gain access to sensitive information and exfiltrate the data outside of a retailer’s network. While many companies are focused on anti-malware for point of sale (POS) systems, it’s important to understand and remediate the different vectors that an attacker may use to gain access to the POS or corporate systems. Understanding the patterns and profiles provides a method to prevent or detect the attacks as they are occurring.

Many times an attack can be stopped with a holistic approach that takes a broad perspective of your corporate system, processes and the people in the environment. There are several key security initiatives that can significantly reduce the risk of an attack in a retail setting:

  • Installing and maintaining commercial anti-malware protection.
  • Performing application penetration testing.
  • Training application development staff on secure coding techniques.
  • Implementing a vulnerability management program.
  • Ensuring that security event monitoring is capturing and reporting critical security alerts and that staff is ready to react to the alerts.
  • Having a trained and tested incident response team.
Attacks can occur in any industry sector that holds sensitive data, such as healthcare records or intellectual property. The lessons we are learning from the retail sector can be applied across a number of industries.