Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

No holidays for cybercriminals

John Ellis, Enterprise Security Director, Akamai Technologies | June 17, 2014
We have always observed a spike in cyber-attacks during sales seasons. They are orchestrated to hit the retailers when it hurts the most, with increased traffic and sales transactions. Here are some tips on how retailers can protect themselves and their customers

It is important to ensure that your security investments are aligned with the goals of your websites. Too much security can hinder the users' experience. Just think of 'Captcha', the funny squiggly letters that one needs to decipher and enter accurately to gain access to the site, too often creating a displeasing user experience. Yet too little security can create exposures that if exploited erode brand value and worse, could result in fraud and unauthorized disclosure of sensitive customer information.

4.       Evaluate, and adjust your defences

Now the new defences (rules, signatures, controls) are in place, but it is still not finished. Information security is very much an ongoing and iterative process. Once you've updated your protective controls, it is back to step 1, review, and adjust, so you can maintain that level of security and prevent your website from falling victim to an attack.

Depending on the size of the company, securing a website can be a full-time job. Attackers are working overtime to poke holes in retailer's security measures, so it is essential that experts are up-to-date on the latest threats and trends, constantly re-evaluating the rules implemented. If retailers do not have the time (understandably) to manage these processes themselves, they must ensure that they are working with a trusted third party who will monitor threats and update the defences regularly.

However, despite all best efforts, sometimes cyber adversaries are still able to get through the defences. It is important for retailers to have a comprehensive security and incident response strategy in place to prepare themselves for a potential security breach. It is never fun to be scrambling for a response protocol in the midst of a cyber-attack, always be prepared. 

 

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.