Why retailers must get better at mapping and mitigating cyber risk
Earlier this year, UK retailer The Works was forced to shut some stores after a suspected ransomware breach. It’s a nightmare scenario for any CISO working in the sector—the disruption not only affected the firm’s bricks and mortar business but also online orders.
Earlier this year, UK retailer The Works was forced to shut some stores after a suspected ransomware breach. It’s a nightmare scenario for any CISO working in the sector—the disruption not only affected the firm’s bricks and mortar business but also online orders. This wasn’t the first compromise at a major retailer and it won’t be the last. As the industry continues to digitalise to drive cost efficiencies and meet demand for streamlined multi-channel experiences, it must build security and risk management in from the start.
Unfortunately, new research from Trend Micro shows there’s some way to go for an industry still struggling to understand the extent of its attack surface.
In the crosshairs
Retailers are a popular target for threat actors, given their heavy reliance on a sometimes complex array of IT systems. There are risks associated with both legacy and newer digital systems: the former may be difficult to patch if they’re no longer supported, while a lack of in-house security skills can lead to cloud misconfigurations which end up exposing critical data. And there’s plenty of this data, especially highly regulated customer information (PII) and card details.
Ransomware actors see an opportunity not only in stealing this data, but also in the fact that retailers are desperate to avoid downtime. Even an hour offline could lead to significant losses in what is an extremely competitive market.
It should therefore come as some concern that the digital attack surface is expanding faster than the ability of many global retailers to map and secure it. Two-fifths (40%) told us that the attack surface is spiralling out of control. Nearly half (47%) said they have still not completely defined this environment yet, or don’t know if they have.
Managing the attack surface
Yet gaining that visibility is the first critical step towards more effective risk management. This isn’t easy. Retailers are struggling understand their IT environment in the context of opaque supply chains, mass remote working, shadow IT and the dynamic, ephemeral nature of cloud systems.
According to respondents, retailers’ top challenges when it comes to managing risk are:
- Too few resources (40%)
- Difficulty quantifying risk (38%)
- Too many tools and vendors (30%)
- Limited visibility (29%)
- Alert overload (24%)
Visibility and control
Over half (51%) of retail firms we spoke to admit their method of assessing risk exposure isn’t sophisticated enough. So what needs to happen? A simple three-point plan will help:
- Gain visibility into all assets and attack vectors
- Use that data to continuously calculate risk exposure
- Invest in the right controls to mitigate that risk
Of course, the devil’s in the detail. Gaining visibility is challenging for many of the reasons listed above. This is where a platform-based approach can really add value. Crucially, it means retail organisations can manage and understand their attack surface and take proactive steps to prevent, detect and respond to threats across it from a single, unified platform. Eliminating point solutions means fewer visibility and coverage gaps, less time and money spent on management, and more productive IT security teams. This is the value Trend Micro One promises to deliver.
To find out more, read a full copy of our report, Mapping the digital attack surface: Why global retail organisations are struggling to manage cyber risk.