IT and Business Insights for SMB Solution Providers

As Holiday Shopping Gears Up, Retailers Get Cybersecurity Thumbs Down

SecurityScorecard’s retail industry report reveals cybersecurity deficiencies in key sectors ahead of holiday shopping season. By SSI Staff

SecurityScorecard, a provider of IT security ratings, has released its 2017 Retail & E-Commerce Cybersecurity Report and the results are discouraging.

The report is said to deliver a comprehensive analysis of cybersecurity vulnerabilities across 1,924 companies from January through October. As retailers prepare to focus on sales during the holiday season, merchants, major credit card issuers and others in the retail industry are failing to keep up with critical security processes and security controls needed to protect shoppers.

The annual report focused on the retail industry as compared to other major industries and the cybersecurity indicators of the best and worst cybersecurity performers. Among the report’s findings:

  • The retail industry ranks fifth out of 17 other major U.S. industries, but still showed major areas of concern.
  • On average, retailers score a D in network security and patching cadence, and a C in application security, DNS health and IP reputation.
  • Of the bottom cybersecurity performers, technology retailers and department stores scored the lowest compared to other types of stores.
  • 13% of the bottom cybersecurity performers in the retail industry were clothing retailers.
  • Six of the top 10 credit card issuers scored a C or below in network security and DNS health.

“Retailers are a prime target for cybercriminals,” says Sam Kassoumeh, co-founder and COO of SecurityScorecard. “Our analysis indicates that retailers continue to struggle with basic hygiene which leaves them vulnerable to attack. This includes both online and brick-and-mortar retailers. As we have seen with recent breaches, the lack of basic security controls and best practices can lead to a compromise of consumer data that can have a long lasting impact on customers.”

The potential for data breaches in the retail industry have dramatically increased, Kassoumeh says, given the reliance on third-party vendors, including Cloud providers and payment processors.

“The primary mechanism that retailers need to deploy is continuous monitoring of their vendors and within their own IT infrastructure,” he says.

The conclusions and rankings featured in the report are based on data derived from SecurityScorecard’s patented security ratings platform. A complimentary copy of the 2017 Retail & E-Commerce Cybersecurity Report can be downloaded here.

This article was originally published by our content partner and sister publication Security Sales & Integration.

Opening image: Pixabay

ChannelPro SMB Magazine

Get an edge on the competition

With each issue packed full of powerful news, reviews, analysis, and advice targeting IT channel professionals, ChannelPro-SMB will help you cultivate your SMB customers and run your business more profitably.