Retailers have become prime targets for cyber-criminal syndicates. Insurance can help mitigate the risk of a breach.
International news of cyber-attacks on several retailers, including Target, Home Depot and British Airways, have clearly shown that attacks on sector powerhouses are on the rise. It seems too that no business is too large for cyber crooks.
How the attackers cause disruption
There are several main types of attacks threatening retailers. Firstly, denial of service, or DDoS attacks. In these attacks, threat actors use a network of ‘zombie’ computers or botnets to compromise the availability of networks and systems. This type of attack might be carried out by ‘hacktivists’ who have an ideological motivation, or by cyber criminals who want to hold the retailer to ransom, or to hide their true intentions.
Related: How to make technology in retail work to your advantage
Then we see attacks on the systems that handle payment card data. This type of data is like gold to cyber criminals. Gaining access to your customers’ payment card data or customer information is the primary motivation. This data is used on forged cards or for fraudulent transactions, and customers’ personal details are used primarily for identity theft.
Web app attacks
Next, we see many Web application attacks, in which hackers exploit vulnerabilities in online retail sites to get a foothold. They do this by phishing, spear phishing, SQL injection attacks, as well as brute force hacking. These attackers are also after financial card information.
Reducing risk of being hacked
Craft a response strategy
Retailers can reduce the cost of a potential cyber security incident by following good security practices, such as having a business continuity plan, and an incident response in place, and investing in good security solutions. However, no security tool is a silver bullet. The chances are that retailers will all be breached at some time or another, and this is where cyber insurance comes in.
Related: Is the smartphone making it more challenging to be a retailer?
Make data-care a priority
Addressing the issue of cyber risk is core to the business model of any retailer moving forward. In fact, showing extreme care with, and control of, customer data has become a competitive differentiator. Retailers who protect their customers’ personal data are trusted.
Investigate cyber risk cover
Data breaches can affect thousands, or even millions, of individuals, including customers and third-party partners, and can take several months to detect and mitigate. This is why it is surprising that traditional insurance policies don’t cover cyber risks at all. Retailers should consider having cyber insurance in place to protect them from the soaring costs associated with data breaches.
Covering the costs of cyber invasions
Insurance is available
Cyber insurance helps cover the major costs of a data breach. These include any legal costs related to the incident, compliance issues such as notifying any affected parties, credit monitoring services, damage control and the services of experts to help rebuild reputation, as well as data recovery costs, and damage to systems.
Related: The real cost of shoplifting on your retail store (and how to curb it)
All retailers need cover
Every online and physical retailer, from multi-national behemoths to the smallest of independent shops, relies totally on their computer systems for survival. Even a tiny security incident could cost them dearly, from tens of thousands to millions.
Invaluable in the event of a hack
Cyber insurance not only provides a financial pay out in the event of a breach, it provides invaluable expertise and technical resources to help mitigate the damage in the event of a breach, and protect systems going forward.