Canadian Retailer - Holiday 2015 - 34
CYBER-SECURITY
ers access to every other system linked to the POS.
Similarly, the interconnectedness of a retailer's head
office network can create other routes for an invasion. A computer in the marketing department, for
example, may have access to other systems and allow hackers working from the inside to infect the
broader network.
Leadership in security
criminal syndicates. If a retailer has valuable information, like credit cards and customer information, they
are a target.
"People believe it won't happen to them," he says.
It's an outmoded idea that needs to change. "After so
many wakeup calls, people don't have the luxury of
being oblivious." This means becoming intelligent
to vulnerabilities to the store's data, an increasingly
valuable asset.
"If I were a retailer," Pozhogin says, "I would try to
learn as many lessons from breaches as possible and
make sure they never happen again."
In the wake of these breaches, many retailers have
appointed chief information security officers (CSIOs)
to oversee the security of the store's information. The
Home Depot, to take one example,
went public with news that it hired "People believe it won't happen to them. After so
Jamil Farshchi as CISO.
many wakeup calls, people don't have the luxury of
Mark Nunnikhoven, vice president of cloud research at Trend being oblivious. If I were a retailer, I would try to learn
Micro, a company specializing in as many lessons from breaches as possible and make
internet security, calls the appointsure they never happen again."
ments of CISOs "a fantastic move"
- ANDREY POZHOGIN, Kaspersky Lab North America
for retailers.
"These roles are all about identiTHE COSTS OF BREACHES
fying security risks," he says. "It's
Stolen personal detail is gold. But how much, in dollars, will the
recognition that security requires
underground economy pay for stolen data?
an investment."
* 5 cents: value of online gaming credentials on the Chinese black market
These new players on the re* $6: value of 300 IP addresses on the Russia black market
tailer scene-a scene that has
become increasingly driven by
* $155+: value of a set of business application account credentials on the
Brazilian black market
data-will work to minimize risks
*
$1,627: combined value of a set of mobile, online shopping account
and reduce the occurrences and
credentials, credit card information and IP addresses to Chinese criminals
damage caused by breaches. As
*
$1,931+: value of a list of landline numbers in Brazil
the digital security experts in the
business, they bring up risks for
Figures in U.S. dollars. Supplied by Trend Micro.
active discussion with executives
and work across the industry to share intelligence Other solutions
and reduce industry-wide threats.
Defining a leadership role for information security
Organizationally, the retailers may struggle to inte- is an important step for retailers who want to avoid
grate the new position into the business. Nunnikhov- seeing their names in print for unfortunate reasons.
en says the impulse retailers have to slot CISOs under Pozhogin says other steps can help reduce the opthe chief information officer may be a misstep for portunity for ever-more sophisticated criminal syndisome retailers. The risk, he says, is that CIOs, who cates to break into the business's computer systems.
traditionally oversee the evolution of the business's
Key among these steps is segmenting networks and
technology, may make decisions based on technology imposing controls over who can access different segneeds, not security issues.
ments of the network. End-to-end encryption for data
"Security risk shouldn't be conflated with technol- should become standard practice for retail businesses.
ogy," he says, and points out that some information Encryption should be set so only people who need to
security risks encompass issues that do not relate dir- access the data can access it. And POS systems don't
ectly with technology. A better approach to this might have to be as connected as they are currently.
be to make CSIOs peers with CIOs. "Loss is loss," he
"Retail networks are so interconnected and most
says. "Should CSIOs be part of loss prevention, or data is accessible," says Pozhogin. If recent history is
legal, or tech?"
an example, situations can unfold where hackers get
What's important for retail as an industry, says Po- inside the network and gain access to huge masses of
zhogin, is that retailers dispel with the notions that unencrypted data. "You can't imagine the scale of the
their businesses might somehow avoid the notice of damage," he warns.
34 |
CANADIAN RETAILER | HOLIDAY 2015
Table of Contents for the Digital Edition of Canadian Retailer - Holiday 2015
Publisher's Desk
Retail Currents
Retail: At Issue
Interac Ups Its Game in Power Play Showdown With Credit
Light in the Darkness
A Lifetime in Protection
Grocery Sector Stands Up to LP Challenges
Enter: The CSIO
CSCA Retail 100
Advertiser's Index
Canadian Retailer - Holiday 2015 - cover1
Canadian Retailer - Holiday 2015 - cover2
Canadian Retailer - Holiday 2015 - 3
Canadian Retailer - Holiday 2015 - Publisher's Desk
Canadian Retailer - Holiday 2015 - 5
Canadian Retailer - Holiday 2015 - Retail Currents
Canadian Retailer - Holiday 2015 - 7
Canadian Retailer - Holiday 2015 - 8
Canadian Retailer - Holiday 2015 - 9
Canadian Retailer - Holiday 2015 - Retail: At Issue
Canadian Retailer - Holiday 2015 - 11
Canadian Retailer - Holiday 2015 - Interac Ups Its Game in Power Play Showdown With Credit
Canadian Retailer - Holiday 2015 - 13
Canadian Retailer - Holiday 2015 - 14
Canadian Retailer - Holiday 2015 - 15
Canadian Retailer - Holiday 2015 - 16
Canadian Retailer - Holiday 2015 - 17
Canadian Retailer - Holiday 2015 - 18
Canadian Retailer - Holiday 2015 - 19
Canadian Retailer - Holiday 2015 - Light in the Darkness
Canadian Retailer - Holiday 2015 - 21
Canadian Retailer - Holiday 2015 - 22
Canadian Retailer - Holiday 2015 - 23
Canadian Retailer - Holiday 2015 - 24
Canadian Retailer - Holiday 2015 - 25
Canadian Retailer - Holiday 2015 - A Lifetime in Protection
Canadian Retailer - Holiday 2015 - 27
Canadian Retailer - Holiday 2015 - Grocery Sector Stands Up to LP Challenges
Canadian Retailer - Holiday 2015 - 29
Canadian Retailer - Holiday 2015 - 30
Canadian Retailer - Holiday 2015 - 31
Canadian Retailer - Holiday 2015 - Enter: The CSIO
Canadian Retailer - Holiday 2015 - 33
Canadian Retailer - Holiday 2015 - 34
Canadian Retailer - Holiday 2015 - 35
Canadian Retailer - Holiday 2015 - 36
Canadian Retailer - Holiday 2015 - 37
Canadian Retailer - Holiday 2015 - CSCA Retail 100
Canadian Retailer - Holiday 2015 - 39
Canadian Retailer - Holiday 2015 - 40
Canadian Retailer - Holiday 2015 - 41
Canadian Retailer - Holiday 2015 - 42
Canadian Retailer - Holiday 2015 - 43
Canadian Retailer - Holiday 2015 - 44
Canadian Retailer - Holiday 2015 - Advertiser's Index
Canadian Retailer - Holiday 2015 - 46
Canadian Retailer - Holiday 2015 - cover3
Canadian Retailer - Holiday 2015 - cover4
Canadian Retailer - Holiday 2015 - 49
Canadian Retailer - Holiday 2015 - 50
Canadian Retailer - Holiday 2015 - 51
Canadian Retailer - Holiday 2015 - 52
https://www.nxtbook.com/naylor/RETS/RETS0617
https://www.nxtbook.com/naylor/RETS/RETS0517
https://www.nxtbook.com/naylor/RETS/RETS0417
https://www.nxtbook.com/naylor/RETS/RETS0317
https://www.nxtbook.com/naylor/RETS/RETS0217
https://www.nxtbook.com/naylor/RETS/RETS0117
https://www.nxtbook.com/naylor/RETS/RETS0616
https://www.nxtbook.com/naylor/RETS/RETS0516
https://www.nxtbook.com/naylor/RETS/RETS0416
https://www.nxtbook.com/naylor/RETS/RETS0316
https://www.nxtbook.com/naylor/RETS/RETS0216
https://www.nxtbook.com/naylor/RETS/RETS0116
https://www.nxtbook.com/naylor/RETS/RETS0615
https://www.nxtbook.com/naylor/RETS/RETS0515
https://www.nxtbook.com/naylor/RETS/RETS0415
https://www.nxtbook.com/naylor/RETS/RETS0315
https://www.nxtbook.com/naylor/RETS/RETS0215
https://www.nxtbook.com/naylor/RETS/RETS0115
https://www.nxtbook.com/naylor/RETS/RETS0614
https://www.nxtbook.com/naylor/RETS/RETS0514
https://www.nxtbook.com/naylor/RETS/RETS0414
https://www.nxtbook.com/naylor/RETS/RETS0314
https://www.nxtbook.com/naylor/RETS/RETS0214
https://www.nxtbook.com/naylor/RETS/RETS0114
https://www.nxtbook.com/naylor/RETS/RETS0613
https://www.nxtbook.com/naylor/RETS/RETS0513
https://www.nxtbook.com/naylor/RETS/RETS0413
https://www.nxtbook.com/naylor/RETS/RETS0313
https://www.nxtbook.com/naylor/RETS/GrandPrix2012
https://www.nxtbook.com/naylor/RETS/RETS0213
https://www.nxtbook.com/naylor/RETS/RETS0113
https://www.nxtbook.com/nxtbooks/naylor/RETS0612
https://www.nxtbook.com/nxtbooks/naylor/RETS0512
https://www.nxtbook.com/nxtbooks/naylor/RETS0412
https://www.nxtbook.com/nxtbooks/naylor/RETS0312
https://www.nxtbook.com/nxtbooks/naylor/RETS0212
https://www.nxtbook.com/nxtbooks/naylor/RETS0112
https://www.nxtbook.com/nxtbooks/naylor/RETS0611
https://www.nxtbook.com/nxtbooks/naylor/RETS0511
https://www.nxtbook.com/nxtbooks/naylor/RETS0411
https://www.nxtbook.com/nxtbooks/naylor/RETS0311
https://www.nxtbook.com/nxtbooks/naylor/RETS0211
https://www.nxtbook.com/nxtbooks/naylor/RETS0111
https://www.nxtbook.com/nxtbooks/naylor/RETS0610
https://www.nxtbook.com/nxtbooks/naylor/RETS0510
https://www.nxtbook.com/nxtbooks/naylor/RETS0410
https://www.nxtbook.com/nxtbooks/naylor/RETS0310
https://www.nxtbook.com/nxtbooks/naylor/RETS0210
https://www.nxtbook.com/nxtbooks/naylor/RETS0110
https://www.nxtbook.com/nxtbooks/naylor/RETS0309
https://www.nxtbook.com/nxtbooks/naylor/RETS0209
https://www.nxtbookmedia.com