Security isn't always about investing in the most expensive solutions. Rather, it's about adopting strong security policies and integrating them into day-to-day activities. Consider Target's case. It had a proper compliance validation assessment with PCI Security and spent $1.6 million on a malware detection system, yet overlooked warnings about intrusion. This shows that investing a fortune on sophisticated IT security systems and obtaining compliance certificates doesn't guarantee that all data is heavily protected by default. With the amount of information obtained by organizations constantly changing and growing, a single malicious, unnoticed modification may lead to a data leak. So what can retailers do to prevent data breaches?