Reply Post
1. Read the posts and reply to the post.
2. Focus on the questions posed and address them by providing suggestions, supported by citations from appropriate sources.
The post to be replied to:

Retail – A [cyber] double whammy!

While DoD attacks are the flavour of the month, Bonderud (2016) observes that, for retail businesses, the threat is actually congruent with the potential reward and, as such, cyber thieves have a vested interest in maintaining the status quo, i.e. continuation of a retail business in order to incrementally steal data. Specifically calling out malicious code [injection] and malware attacks, designed to steal rather than disrupt, Bonderud (2016) makes note of POS attacks – specifically AbaddonPOS – also calling out current malware attack vectors such as the re-established Microsoft Word macro malware, with 98% of all (retail industry) office threats using macros.

FireEye (2015) cites that 'Enterprise like' cyber criminals are targeting POS systems and databases to harvest customer information. Additionally, FireEye cites the following as the most targeted [retail] sub-sectors: In-store retail, Customer Services & Food / Beverage. Additionally, FireEye cites the following data types targeted by cyber criminals: Personal Identification Numbers, Account Numbers, Credit Card track data. Perez (2016) makes reference to some 53% of retail fraud in the UK being attributed to being 'cyber enabled'. Symantec offers that retailers are hampered with a trifecta of challenges when considering security from employee turn-over, distributed operations, inefficient staffing and insufficient IT resources, declaring that retailers are, and always have been, attractive targets.

What the author finds interesting when assessing the risk or the 'double whammy' that applies to the retail industry is the extent of available attack vectors: from POS machines to backend inventory tracking databases to front of house support systems to CRM applications that support marketing initiatives and customer loyalty programs, there are almost limitless points of contact / attack points available to be exploited when considering a retail operation. Additionally, Symantec makes a very pertinent observation that, historically, retail is often underfunded and reactive. With retailers historically taking a 'checkbox' approach, this further bolsters the contention across these sources that the retail sector is both underdeveloped in terms of cyber defence and a massive target across a range of attack vectors.

So in conclusion, the retail industry faces an ever increasing threat from organised cyber-crime across possibly the most distributed of possible attack vectors with perhaps some of the least investment / knowledge and resourcing across the major industry verticals. Exacerbated by the nature of the retail sector in terms of core data (personal information, coupled with financial instrument related information), the industry is very much in the grip of a cyber-crime double whammy!

References:

Perez, Roi. March 2017, The retail industry steps up the fight against cyber threats, accessed 07 Aug 17 <https://www.scmagazineuk.com/the-retail-industry-steps-up-the-fight-against-cyber-threats/article/642326/>

FireEye. 2015, Cyber Threats to the retail and consumer goods industry, accessed 07 Aug 17 <https://www.fireeye.com/content/dam/fireeye-www/global/en/solutions/pdfs/ib-retail-consumer.pdf>

Symantec. 2015, Cyber Security for Retail Services; Strategies that Empower your Business, Drive Innovation and Build Trust, accessed 07 Aug 17 <https://www.symantec.com/content/dam/symantec/docs/white-papers/cybersecurity-retail-en.pdf>

Bonderud, Douglas. May 2016, Retail Security Risks; 2016 Midyear Roundup, accessed 07 Aug 17 <https://securityintelligence.com/retail-security-risks-2016-midyear-roundup/>