Cyber Security Month

 

If you are like us, revelations about data breaches at major companies in recent years have come as a shock and wake up call. 

 

Whereas we all thought the internet was a perfectly safe place to post everything from selfies to credit card information and identifying data, alas, it’s anything but.

 

As serious as the problem might be for the average consumer, businesses have it arguably worse. After all, a modern hacker can likely make off with highly valuable financial or other data by breaking into a single business of moderate size.

 

This is why Cyber Security Month, which falls in October, is a great time for retailers to take stock of their cybersecurity and put in place measures to protect their businesses.

 

 

 

While it used to be the domain of professionals, information security, also known as cyber security, has become a mainstream concern. 

 

It’s not just businesses that are paying attention. Governments and political organizations are paying attention to the threats that pepper cyberspace as well.

 

 

 

The European Commission and other organizations are behind the celebrating of Cyber Security Month in the EU. The month-long event begins October the 1st and ends on the 31st. 

 

To help raise awareness of cybersecurity best practices, a number of events are available throughout the year. 

 

Part of the problem we all face with cybersecurity is not knowing what matters. Whether you are an executive or retail entrepreneur, attending one of these training sessions and events can help you get grounded in the fundamentals.

 

 

 

Not to be outdone, the US also marks a month-long cybersecurity event in October. Going by the name National Cybersecurity Awareness Month (NCSAM), it is a project of the Department of Homeland Security.

 

If big governmental organizations are onto the cybersecurity threat, maybe it’s time businesses figured out what the threats are and how to safeguard themselves. Come to think of it, when a breach occurs, it might be too late.

 

 

  

Partly because the word “cybersecurity” is so technical-sounding, it conjures up all sorts of impressions. The problem here is that having distant notions about the subject is one of the biggest culprits for maintaining myths about cybersecurity.

 

The Ponemon Institute found that only 42% of institutions had a “high” degree of ability to mitigate IT risks. Most had approaches that were reactive and focused on what they call the “hack du jour.”

 

Take a look at some of these myths identified by cybersecurity organizations to see if you are placing your organization at risk

 

.

 

As reported in ZDNet, one of the biggest myths about cybersecurity is thinking that you are not in the sights of criminals as a business. 

 

It’s easy to see why. After all, perhaps, you might never have been hacked before.

 

The publication notes that there is no room for complacency, even if you’ve avoided getting hacked before. British pharmaceutical and advertising businesses were among those caught in the crossfire of a Russian hack on Ukrainian computer systems in 2017.

 

If you sleep on cybersecurity, even an attack on third parties could affect your systems in damaging ways.

 

 

 

We live in a world today where the hackers are increasingly more sophisticated and diffuse. What this means is that an attack can come from anywhere. It can hit anyone, even the best prepared technical organizations. 

Forbes notes that the old notion that getting hacked is an embarrassment has become a myth. Even web giants like Google or Facebook are increasingly susceptible to getting hacked. 

 

It’s every retailer’s responsibility to safeguard against the potential of getting hacked. Never think that your systems are so good that they can’t be breached.

 

 

 

From state governments to the most reputable corporations, just about every business type you can think of has been hacked. If you needed any further proof of this, consider the range of truly staggering data breaches that have occurred just within the last decade.

 

 

 

For sheer size alone, it’s hard to top the Yahoo data breach of 2013-14. The internet giant revealed that 3 billion user accounts had been accessed by hackers. 

 

A data breach of this scale was unprecedented, and Yahoo suspected that “state-sponsored actors” were involved. 

 

We might never know all the details, but suffice it to say the hack shed light on the terrifying capabilities of today’s hackers. 

 

In another hack noted for its magnitude, in 2018, Marriott International announced they had been hacked, with 500 million customer accounts breached.

 

 

 

Recently, hacks against governments have entered the spotlight. In January 2019, for example, the German Bundestag was the subject of a hack that targeted Chancellor Angela Merkel and hundreds of politicians. 

 

Meanwhile, in 2017, hackers from North Korea were suspected to have hacked the US and South Korea, making away with 235 gigabytes of military documents.

 

If national governments, with all the resources they have to secure computer systems, are not immune from breaches, hardly anyone is.

 

 

 

The threats retailers face in this digital space are vast, but that should not be cause to throw our hands up in despair and give up the cause as lost.

 

Below, we’ve curated some of the best tips you can use to tame your cybersecurity. As you will see, getting the basics in place can move you up the security ladder, making it harder for hackers to hack you.

 

 

 

Terra Nova Security advises retailers to begin with abiding by compliance guidelines. The EU, for example, has put in place security compliance guidelines for businesses that store user data. You have to do these things anyway. Make sure your data storage systems and behavior meet the requirements of the law.

 

The firm also advises training your employees to make sure no-one exposes the firm to attack. Even basic training for employees with access to data can be useful. Senior information security personnel will need to be up to date in their field. 

 

 

 

A key weakness point retailers should focus on is the payment gateway. Transform Solution recommends making the payment gateway secure your top priority. You can use SSL certificates and encryption to improve the integrity of payment data during transactions.

 

In addition, My Total Retail reminds retailers to posture against distributed denial of service attacks (DDoS). These are mass attacks that swamp your servers with fake traffic to bring the servers down.

 

 

 

In preparing for Cyber Security Month, there’s a lot retailers and other businesses can do to transact more safely. Avoid the mistake of thinking that hacks only happen to other businesses, not yours. Educate yourself and your team on the essentials of data security, and put in place safeguards against potential breaches. The alternative could be costly.