The E-Commerce Cyber Security Advantage
The retail industry is a prime target for fraud and data breaches. One of the reasons why the retail industry is so attractive to fraudsters is because every transaction has the potential to yield multiple types of customer data associated with credit and debit cards, whether it comes from infecting in-store technology or if data is stored elsewhere.
Contrary to what you may think, however, brick-and-mortar retailers, which carefully deploy heavily tested and proven point-of-sale (POS) software to handle critical checkout tasks in-store, may be struggling more than online retailers, who have much more frequent updates to their order and payment applications to protect customers’ sensitive personal data and banking information.
Pre-Internet Software in a Real-Time Hacker World
If the design of your store software stack originated in the pre-internet era, when taking months to roll out updates to POS software on CD "golden disks" was the norm (with POS systems having a life cycle of 10 or more years, systems such as these are still in operation!), how do you respond effectively to today's cyberhackers, who continuously invade your environment probing for vulnerabilities? And even if you know you have a breach, the POS fix across a large chain may take weeks or months.
As a a hacker, of course, you would want to "follow the money" and attack high-profile brands such as Target, Neiman Marcus, Home Depot, Michael's and now Staples, as well as JP Morgan Chase. It's hard to avoid risk as both retailers and banks have exposure. Ironically, we're seeing consumers coming back to cash to avoid the exposure entirely when shopping in physical stores!
Now more than ever, retailers must be on the cusp of new technology or risk falling behind the marketplace. Why? Because shoppers will stop connecting with brands that fail to protect their information and data. A study by Software Advice discovered that more than three-quarters of consumers would be less likely or completely unwilling to purchase from a company that compromised their personal data.