The Do’s and Don’ts of cybersecurity for retailers

With $4.45 billion spent during a single major online shopping weekend in November 2015 (Fortune), the need for retailers to safeguard payment card data, consumer data, transactions and other sensitive data is more pressing than ever. Such a large volume of critical data passes between many points every second, so the infrastructure must be protected from end to end.

Against that backdrop, Paul German, VP EMEA at Certes Networks, offers five essential Do’s and Don’ts for retailers to keep in mind when putting strategies in place to protect customer data from attackers.

Don’t: Assume your system is safe
Do: Accept a breach is going to happen

Breaches are happening all the time. It’s an unfortunate fact, but one that retailers must come to terms with: data breaches are inevitable. The number of data breaches making headlines this year alone shows that retailers need to accept that attackers will get in, and should instead focus on crypto-segmentation strategies that limit what an intruder can reach once inside.

Don’t: Rely on breach detection and protection policies alone
Do: Focus on breach containment to keep the hackers at bay

With the acceptance that breaches will occur must come the recognition that breach protection and detection policies alone are no longer enough to keep attackers out. Retailers must instead turn to breach containment: a strategy that limits the scope of a breach by confining it to a single segment of the network, instead of leaving the attackers free to move laterally throughout the system at their leisure.

Don’t: Define your security strategy by the network
Do: Make security application and user specific

Long gone are the days when it was acceptable for a security strategy to focus purely on the network. Modern, software-defined security instead positions the security policies and protection functions around applications and users, which, in a retail environment, means granting access to customer data only to those who need it. For example, a sales transaction and the accompanying payment card and consumer data should be accessible only to the authorised sales person conducting the transaction. Logistics managers, corporate managers, HVAC contractors and others do not need access to the transaction data. Yet the primary security model used by retailers has no effective isolation of the payment card application. In breach after breach, attackers have compromised a user unrelated to the payment card systems and then moved laterally to reach the payment card data.

Don’t: Focus security on individual silos
Do: Manage security end to end across all silos

The enterprise IT environment is fragmented across many silos, including LAN, WAN, Internet, mobile, Wi-Fi, cloud, data centre, remote facilities, disaster recovery and backup, and others. Each of these silos has its own method of application protection and access control, and is commonly managed by a separate team in the enterprise. Enforcing consistent policies and protection from end to end across all these zones is therefore enormously difficult, given the fragmented nature of the technologies and teams. To combat this, a strategy is needed that enforces protection and policies horizontally across all silos, requiring no changes to the network or applications, and putting all control in the hands of the security manager.

Don’t: Allow any network to be trusted
Do: Put in place segmentation and isolation to protect applications on all networks

The multiple hacks of 2015 show that retailers must adopt a “No Trust” security model, which assumes there is no such thing as a trusted network or IT environment. Every user, device, network and application is treated as untrusted, and all enterprise systems are assumed to be already compromised. Applications must also be segmented, meaning that an isolation method such as encryption is used to isolate each application’s traffic flow and prevent access by unauthorised users. The most effective approach is to isolate the sensitive data with strong cryptography and tightly control access to it based on user roles, and to apply that segmentation consistently across all silos, for all users in the enterprise.
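The two access models contrasted in the “application and user specific” and “no trusted network” points above can be made concrete with a small policy simulation. The following is an added example written for this page; it is not code from the article or from Certes Networks, and the roles, applications, network zones and access attempts it uses are all constructed for illustration. It puts a network-zone trust model beside a policy keyed on (application, role), and measures the blast radius a single compromised account has under each: the containment metric the article is arguing about.

```python
"""Network-zone trust versus application/user-scoped policy.

Added example, not code from the article or from Certes Networks. It models
the two access models the article contrasts and measures the blast radius a
single compromised account has under each. All roles, applications, zones
and requests below are constructed for illustration.
"""
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, List, Set, Tuple


@dataclass(frozen=True)
class Request:
    user: str       # account making the request
    role: str       # the account's business role (assumed already authenticated)
    src_zone: str   # network silo the request originates from
    app: str        # application (segment) the request is destined for


# Model 1: network-zone trust. Anything from a "trusted" zone reaches any
# application; the perimeter is the only control point.
TRUSTED_ZONES: Set[str] = {"store-lan", "corporate-lan", "datacentre"}


def network_model_allows(req: Request) -> bool:
    return req.src_zone in TRUSTED_ZONES


# Model 2: policy keyed on (application, role). The source zone is not
# consulted at all, so the same rule applies across LAN, Wi-Fi, WAN and cloud.
APP_POLICY: Dict[str, Set[str]] = {
    "pos-payments":  {"cashier"},                       # card data: cashier only
    "inventory":     {"cashier", "logistics-manager"},
    "building-hvac": {"hvac-contractor"},
    "hr-portal":     {"hr", "corporate-manager"},
}


def app_model_allows(req: Request) -> bool:
    # Unknown application -> default deny.
    return req.role in APP_POLICY.get(req.app, set())


Model = Callable[[Request], bool]


def blast_radius(role: str, src_zone: str, model: Model) -> Set[str]:
    """Applications one compromised account with `role`, sitting in `src_zone`,
    can reach under `model`. Smaller is better: this is what containment limits."""
    return {app for app in APP_POLICY
            if model(Request("compromised", role, src_zone, app))}


def evaluate(requests: Iterable[Request]) -> List[Tuple[str, str, bool, bool]]:
    """Verdict of both models per request: (user, app, network_ok, app_ok)."""
    return [(r.user, r.app, network_model_allows(r), app_model_allows(r))
            for r in requests]


# Constructed access attempts, including the lateral-movement case the
# article describes: a contractor account already inside the corporate LAN
# reaching for the payment application.
SAMPLE_REQUESTS = [
    Request("alice", "cashier", "store-lan", "pos-payments"),
    Request("bob", "logistics-manager", "corporate-lan", "inventory"),
    Request("vendor-hvac", "hvac-contractor", "corporate-lan", "building-hvac"),
    Request("vendor-hvac", "hvac-contractor", "corporate-lan", "pos-payments"),
    Request("alice", "cashier", "public-wifi", "pos-payments"),
]

if __name__ == "__main__":
    for user, app, net_ok, app_ok in evaluate(SAMPLE_REQUESTS):
        print(f"{user:12} -> {app:14} network-model={net_ok!s:5} app-model={app_ok}")
    for model in (network_model_allows, app_model_allows):
        print(model.__name__, blast_radius("hvac-contractor", "corporate-lan", model))
```

Under the network model the compromised HVAC contractor account on the corporate LAN can reach all four applications, payments included; under the application/role policy it reaches only the building system it is entitled to. The cashier on public Wi-Fi shows the other side of the same design: the zone-based model blocks her only because the zone is untrusted, while the role-based policy gives the same answer wherever she connects from, which is what “consistent across all silos” means in practice. The example assumes the role has already been established by authentication and that the application flows are encrypted so that network position alone confers nothing; both of those are outside the policy logic shown here.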

An effective cybersecurity strategy needn’t be complicated; it is about knowing which strategies are effective and which approaches to take in order to protect valuable customer data and avoid the PR catastrophes faced by many retailers in the ongoing wave of headline-grabbing data breaches.


About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.