The retail industry is constantly evolving as its customers are increasingly expecting ease of purchase and a more convenient experience to link their in-store and online activity. Information Security risks such as security breaches are now a major concern in the retail industry as repeated cyber-attacks reduce consumer confidence in their brands.
"Retailers are operating in an era defined by tepid consumer spending and rapid technological change that is revolutionizing every aspect of the industry—from supply chain operations to payment channels and marketing. Retailers must balance keeping pace with evolving commerce channels and maintaining customer privacy and data security in an increasingly complex digital environment."
Doug Hart, partner in BDO’s Consumer Business practice
One of the first major retail breaches to hit the headlines was probably Target in late 2013 as they were subject to a data hack at its US stores. Over 40 million customers were exposed to fraudulent activity as malware was introduced to the POS system in around 1,800 stores. A month later, Target went on to admit that a further 70 million customers had their personal information stolen in the same attack.
The 2013 Target breach was linked to a third party contractor having access to the Target network and concerns were raised as to whether Target were in compliance with PCI-DSS at the time of the breach.
The misuse of privilege in the hybrid-cloud world has become one of the most critical security challenges, because uncontrolled access to Privileged Accounts opens a “barn door” through which untrusted 3rd parties can compromise data and inflict cyber-attacks, ultimately causing irreparable damage to the business and its corporate reputation.