Survey shows retailers admit vulnerability to cyber attacks

Two in five retailers across the globe have experienced a data breach in the past year, according to the 2017 Thales Data Threat Report, Retail Edition, just released.
The report, issued by Thales, a leader in critical information systems, cyber security and data security, in conjunction with analyst firm 451 Research, reveals that a staggering 43 percent of retailers had experienced a data breach in the last year, with a third (32%) claiming more than one.

With 60 percent claiming that they had been breached in the past, it’s perhaps unsurprising to learn that the majority (88%) of retailers consider themselves to be ‘vulnerable’ to data threats, with 37 percent stating they are ‘very’ or ‘extremely’ vulnerable. As a result, three quarters (73%) of retailers expect their spending on IT security to increase. An increase in regulations such as the forthcoming EU GDPR has led to greater awareness and concern around issues of data privacy and sovereignty, with 72 percent of retailers claiming to be impacted.

The report reveals that, in an effort to comply with these new requirements, almost two thirds of retailers (64%) are encrypting their data, 40 percent are tokenising data, and a similar number (36%) are implementing a migration project. According to the report, half of retail organisations (52%) will use sensitive data in a big data environment this year, with a third (34%) using encryption to protect that data. Despite this, however, 39 percent were very concerned that they’re using these environments without proper security in place, demonstrating that the pressure to use advanced technology is increasing the risk to the business.

What’s more, the report found that as adoption of cloud and SaaS environments continues to rise, so too do concerns regarding their safe use. Two-thirds of retailers (67%), for example, claimed to be very or extremely concerned about cloud service providers (CSPs) falling victim to security breaches or attacks. A similar number (66%) expressed concerns around vulnerabilities in shared infrastructure, and 65 percent were worried about the custodianship of the encryption keys used to protect their data. 63 percent of respondents suggested that such fears could be allayed through the use of data encryption in the cloud, with keys being controlled at the retailer’s premises, while half (52%) preferred the CSPs to control the keys