Stores, a subsidiary of the National Retail Federation, recently spoke with Theresa Payton, former chief of information officer at the White House. Payton offered advice for retailers on how they can protect their businesses and customers from digital criminals.
Take risk assessment seriously
"Ransomware is one of the most underreported types of cybercrimes."
Payton told Stores retailers should evaluate the health of their cybersecurity systems a minimum on once per year. This includes checking the protective status of everything from credit card payment processors and data storage terminals to antivirus systems; anything with an online connection that can potentially be exploited.
Having certain protections in place to meet regulatory compliance does not mean threats are completely extinguished. A 2014 survey from Deloitte discovered among security experts from retail companies and government agencies, only 71 percent felt the standard regulatory security implementations were "somewhat effective" in preventing breaches.
Evaluating one's security on a regular basis can save business owners from headaches in the future. Payton recommended retailers undergo risk assessments when implementing new hardware, during periods of high employee turnover and when new procedures are introduced, according to Store.
Ransomware awareness and protection
Ransomware is a type of malware that encrypts data on the infected computer then asks for payment before the information can be decrypted. Payton noted ransomware is one of the most underreported types of cybercrimes and retailers are attractive target because they often pay ransoms to retrieve their data.
The WannaCry ransomware attack in May was the world's largest to date and affected over 200,000 computers in 150 countries, with victims including banks, hospitals, telecommunications companies and warehouses, according to CNET.
Consistently updating operating systems and programs and avoiding suspicious links online can help protect retailers from ransomware attacks.
Backup data, devise plans and use kill switches
Payton advised retailers not to have all their data stored in one central location. Information should split between a few server or network locations to prevent hackers from accessing all your data at once. Information should be backed up thoroughly at each storage destination.
Retailers should also have a plan in place to deal with a potential security breach before one occurs. Lay out each procedure and what your available resources are for mitigating problems.
Kill switches are tools businesses should have to quickly disconnect from the web if a hack occurs. These devices should prevent every piece of equipment throughout the entire company from accessing the internet. They can prevent criminals from further accessing important data and give retailers a chance to privately take the next steps in protecting themselves.
Cloud 9 can provide retailers with the payment processing software they need to not only reach full regulatory compliance but efficiently combat any cyber threats against their business.
To learn more about effective card processing software, get in touch with Cloud 9 today.