Canadian Retailer - Fall 2016 - 41

LOSS PREVENTION

quired. Everybody wants to share everything,
but after a certain point, you're not safeguarding the company's intellectual property."
Another ally in the fight against cybercriminals are "White-Hat Hackers"-computer security experts who perform non-destructive
"penetration checks" on a company's systems
to test their vulnerabilities (some are on payroll, while others bring system information to
Phishing: Thieves send an email with an ordinary-looking atbusinesses in exchange for payment-ironictachment, labelled as a spreadsheet, .pdf, or something equally
innocuous. When clicked, the attachment actually installs malally increasing the number of breach attempts
ware designed to steal your credentials (username, password,
each year). And while antivirus software, fireaddress book, etc). With access to the company email server
walls, and IT professionals are a crucial part of
and database, thieves can steal information or initiate fraudukeeping any business secure, some solutions
lent wire transfers.
According to the VDIR, in a series of more than 8 million
are surprisingly low-tech, up to and including
sanctioned phishing tests in 2015, 30 per cent of phishing
an awareness of social media presence.
emails were opened by targets, 12 per cent clicked the attach"I can learn almost everything I want to
ment, and only 3 per cent reported it to management.
know about a company on LinkedIn," WisniewInformation Theft: Criminals gain access to customer, employski chuckles. "Criminals can look on LinkedIn,
ee, or associate information-either through hacking, phishing
and they'll see, 'Oh, ok. The Director of IT's
emails, or phony PINpads using bluetooth and keystroke-recname is Jim. If I just start calling employees,
ognition technology-and use it for financial gain. This can take
the form of cloning debit and credit cards, or selling informaand saying I'm Jim from IT, and I need them to
tion directly-usually on the Deep Web.
reset their password for me, I'm going to trick
somebody within the first five calls."
"Canadian retailers are ahead of the times.
When it comes to Canada's place in the
global Data Security landscape, Wisniewski
Especially when it comes to credit information
and O'Keefe are of different opinions.
protection. Some of the safeguards on credit
"Many businesses in Canada aren't doing
cards-embracing chip and PIN technology way
nearly enough to protect their customer information," Wisniewski says flatly. "We have
ahead of the States, for example."
no Data Breach Notification laws in Canada.
- STEPHEN O'KEEFE, Gristmill Solutions
PIPEDA has some provisions, and there's one
about it. And they'll say 'Oh yeah, I thought other law, but there's no national or provincial laws. So most
that seemed kind of weird'. And we're going businesses don't do anything."
'Why didn't you tell me two weeks ago?' And
O'Keefe, for his part, is a little more upbeat-particularly
it's mostly because of the shame of it. And when it comes to retailers.
for years, us IT people, we've been shaming
"In a lot of ways, Canadian retailers are ahead of the times," he
people, saying 'How stupid are you?' and we says. "Especially when it comes to credit information protection.
need to change that attitude. I'd rather investi- Some of the safeguards on credit cards-embracing chip and
gate ten false reports and find one real one."
PIN technology way ahead of the States, for example. They're
In some cases, it's a matter of increased just going through that now. As far as personal information, the
cooperation between departments (Wisniew- different privacy acts are pretty much where they should be."
ski advocates two methods of authenticaHowever, both men agree that when it comes to combatting
tion for any wire transfers), and in others, as digital criminals, there's plenty of work still to be done.
O'Keefe points out, it's a matter of restrict"I speak in front of probably 100,000 people a year," Wisniewski
ing employee access-not only to prevent the adds, "and anecdotally, I'd say that half of businesses are having
theft of trade secrets, but to limit the damage some kind of computer security incident every year. Most of them
a criminal can do once inside the system.
aren't that big a deal, but even the small ones have a tendency
"You need to control access," he says. "People to cost between $5000-10,000. And those aren't even specifically
need enough information to do their job, and data thefts. That's where the information starts getting fuzzy."
enough to motivate them to become an enHe chuckles quietly, in spite of himself.
gaged player in the company, but not enough
"We like to joke that any organization who says they haven't
that you have more information than is re- had an incident just doesn't know it yet."
COMMON ATTACKS:

Ransomware: Hackers gain access to a company server and
encrypt all information-customer payment profiles and
company data-and hand over decryption keys only after a
ransom is paid (a fee which increases each day). While originally targeting individuals, businesses are increasingly being
affected; according to a study conducted by MalwareBytes,
close to 40 per cent of surveyed businesses had experienced
a Ransomware attack at some point in the past.

www.retailcouncil.org/cdnretailer

FALL 2016 | CANADIAN RETAILER

| 41


http://www.retailcouncil.org/cdnretailer

Table of Contents for the Digital Edition of Canadian Retailer - Fall 2016

Publisher’s Desk
Retail Currents
Retail Research
Independents’ Corner
Retail: At Issue
The Future of Retail
Technology for the Good
E-Commerce Next Practices
The State of Mobile Payments
Aldo Launches ‘Store of the Future’ at Westfield World Trade Center
The Hottest Summer in Half a Century
Once More Unto the Breach
Advertiser’s Index
Canadian Retailer - Fall 2016 - bellyband1
Canadian Retailer - Fall 2016 - bellyband2
Canadian Retailer - Fall 2016 - cover1
Canadian Retailer - Fall 2016 - cover2
Canadian Retailer - Fall 2016 - insert1
Canadian Retailer - Fall 2016 - insert2
Canadian Retailer - Fall 2016 - 3
Canadian Retailer - Fall 2016 - Publisher’s Desk
Canadian Retailer - Fall 2016 - 5
Canadian Retailer - Fall 2016 - Retail Currents
Canadian Retailer - Fall 2016 - 7
Canadian Retailer - Fall 2016 - insert3
Canadian Retailer - Fall 2016 - insert4
Canadian Retailer - Fall 2016 - Retail Research
Canadian Retailer - Fall 2016 - Independents’ Corner
Canadian Retailer - Fall 2016 - Retail: At Issue
Canadian Retailer - Fall 2016 - 11
Canadian Retailer - Fall 2016 - insert5
Canadian Retailer - Fall 2016 - insert6
Canadian Retailer - Fall 2016 - The Future of Retail
Canadian Retailer - Fall 2016 - 13
Canadian Retailer - Fall 2016 - 14
Canadian Retailer - Fall 2016 - 15
Canadian Retailer - Fall 2016 - 16
Canadian Retailer - Fall 2016 - 17
Canadian Retailer - Fall 2016 - 18
Canadian Retailer - Fall 2016 - 19
Canadian Retailer - Fall 2016 - Technology for the Good
Canadian Retailer - Fall 2016 - 21
Canadian Retailer - Fall 2016 - 22
Canadian Retailer - Fall 2016 - 23
Canadian Retailer - Fall 2016 - E-Commerce Next Practices
Canadian Retailer - Fall 2016 - 25
Canadian Retailer - Fall 2016 - 26
Canadian Retailer - Fall 2016 - 27
Canadian Retailer - Fall 2016 - The State of Mobile Payments
Canadian Retailer - Fall 2016 - 29
Canadian Retailer - Fall 2016 - 30
Canadian Retailer - Fall 2016 - 31
Canadian Retailer - Fall 2016 - Aldo Launches ‘Store of the Future’ at Westfield World Trade Center
Canadian Retailer - Fall 2016 - 33
Canadian Retailer - Fall 2016 - The Hottest Summer in Half a Century
Canadian Retailer - Fall 2016 - 35
Canadian Retailer - Fall 2016 - 36
Canadian Retailer - Fall 2016 - 37
Canadian Retailer - Fall 2016 - Once More Unto the Breach
Canadian Retailer - Fall 2016 - 39
Canadian Retailer - Fall 2016 - 40
Canadian Retailer - Fall 2016 - 41
Canadian Retailer - Fall 2016 - Advertiser’s Index
Canadian Retailer - Fall 2016 - cover3
Canadian Retailer - Fall 2016 - cover4
https://www.nxtbook.com/naylor/RETS/RETS0617
https://www.nxtbook.com/naylor/RETS/RETS0517
https://www.nxtbook.com/naylor/RETS/RETS0417
https://www.nxtbook.com/naylor/RETS/RETS0317
https://www.nxtbook.com/naylor/RETS/RETS0217
https://www.nxtbook.com/naylor/RETS/RETS0117
https://www.nxtbook.com/naylor/RETS/RETS0616
https://www.nxtbook.com/naylor/RETS/RETS0516
https://www.nxtbook.com/naylor/RETS/RETS0416
https://www.nxtbook.com/naylor/RETS/RETS0316
https://www.nxtbook.com/naylor/RETS/RETS0216
https://www.nxtbook.com/naylor/RETS/RETS0116
https://www.nxtbook.com/naylor/RETS/RETS0615
https://www.nxtbook.com/naylor/RETS/RETS0515
https://www.nxtbook.com/naylor/RETS/RETS0415
https://www.nxtbook.com/naylor/RETS/RETS0315
https://www.nxtbook.com/naylor/RETS/RETS0215
https://www.nxtbook.com/naylor/RETS/RETS0115
https://www.nxtbook.com/naylor/RETS/RETS0614
https://www.nxtbook.com/naylor/RETS/RETS0514
https://www.nxtbook.com/naylor/RETS/RETS0414
https://www.nxtbook.com/naylor/RETS/RETS0314
https://www.nxtbook.com/naylor/RETS/RETS0214
https://www.nxtbook.com/naylor/RETS/RETS0114
https://www.nxtbook.com/naylor/RETS/RETS0613
https://www.nxtbook.com/naylor/RETS/RETS0513
https://www.nxtbook.com/naylor/RETS/RETS0413
https://www.nxtbook.com/naylor/RETS/RETS0313
https://www.nxtbook.com/naylor/RETS/GrandPrix2012
https://www.nxtbook.com/naylor/RETS/RETS0213
https://www.nxtbook.com/naylor/RETS/RETS0113
https://www.nxtbook.com/nxtbooks/naylor/RETS0612
https://www.nxtbook.com/nxtbooks/naylor/RETS0512
https://www.nxtbook.com/nxtbooks/naylor/RETS0412
https://www.nxtbook.com/nxtbooks/naylor/RETS0312
https://www.nxtbook.com/nxtbooks/naylor/RETS0212
https://www.nxtbook.com/nxtbooks/naylor/RETS0112
https://www.nxtbook.com/nxtbooks/naylor/RETS0611
https://www.nxtbook.com/nxtbooks/naylor/RETS0511
https://www.nxtbook.com/nxtbooks/naylor/RETS0411
https://www.nxtbook.com/nxtbooks/naylor/RETS0311
https://www.nxtbook.com/nxtbooks/naylor/RETS0211
https://www.nxtbook.com/nxtbooks/naylor/RETS0111
https://www.nxtbook.com/nxtbooks/naylor/RETS0610
https://www.nxtbook.com/nxtbooks/naylor/RETS0510
https://www.nxtbook.com/nxtbooks/naylor/RETS0410
https://www.nxtbook.com/nxtbooks/naylor/RETS0310
https://www.nxtbook.com/nxtbooks/naylor/RETS0210
https://www.nxtbook.com/nxtbooks/naylor/RETS0110
https://www.nxtbook.com/nxtbooks/naylor/RETS0309
https://www.nxtbook.com/nxtbooks/naylor/RETS0209
https://www.nxtbookmedia.com