Intelligent CIO North America Issue 16 | Page 84

FINAL WORD
As retailers continue to adopt cloud strategies, they increase their digital footprint, expanding their attack surface.
technologies that allow purchase via IoT devices. By segregating the purchases made through these devices, retailers limit malicious actor movement within their networks, mitigating the risks associated with insecure wearables and other IoT devices.
Enforce strong authentication requirements
Courtney Radke, Retail CISO at Fortinet
ons and overlays or move forward with multi-cloud connectivity without security. Integrating security into the SD-WAN solution is the key to allowing retailers to gain the performance benefits and cost savings of SD-WAN without sacrificing security.
With Secure SD-WAN on their side, retailers can ensure that security is built into the fabric of their networks. Likewise, as traditional routers no longer provide the necessary visibility into business applications within these complex cloud infrastructures, Secure SD-WAN also solves the issue of network sprawl by prioritizing business-critical traffic using high-performance traffic shaping and management profiles.
As retailers add more cloud-based applications, both for their employees and their customers, they need the enhanced network connectivity that SD-WAN provides, with built-in security features to deter malicious actors.
Embrace Zero Trust Access
Adopting a Zero Trust Access (ZTA) approach is often seen as too challenging to implement and is therefore overlooked by businesses looking for ways to bolster their security effectiveness. The catch-22: it is one of the most critical components to enabling proper cybersecurity controls within the retail space.
Preventing credential theft requires securing the ‘human element’. As retailers expand their customer-facing web and mobile application offerings, they need to protect themselves by first protecting their customers.
At a minimum, any web application should be configured with a minimum password length of eight characters, with at least one uppercase letter, one number and one special character. Additionally, retailers should look to require multi-factor authentication and rate-limiting on account login and creation attempts wherever possible and appropriate based on business appetite, to maximize security. Geography-based filtering is another function that should be evaluated to track and protect against malicious attempts to access web applications.
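As an added illustration that is not from the article or from any Fortinet product, the sketch below checks the minimum password policy stated above and applies a sliding-window limit to login attempts per account and per source address. The class and function names, the threshold of five attempts and the five-minute window are assumptions chosen for the example.

```python
import re
import time
from collections import defaultdict, deque


def password_policy_failures(password):
    """Return the unmet requirements of the article's minimum policy (empty list = pass)."""
    failures = []
    if len(password) < 8:
        failures.append("length")
    if not re.search(r"[A-Z]", password):
        failures.append("uppercase")
    if not re.search(r"[0-9]", password):
        failures.append("number")
    if not re.search(r"[^A-Za-z0-9]", password):
        failures.append("special")
    return failures


class LoginThrottle:
    """Sliding-window limiter keyed on both the account name and the source address."""

    def __init__(self, max_attempts=5, window_seconds=300, clock=time.monotonic):
        self.max_attempts = max_attempts    # assumed threshold, tune to business appetite
        self.window = window_seconds        # assumed window length in seconds
        self.clock = clock                  # injectable so the limiter can be tested
        self.attempts = defaultdict(deque)  # key -> timestamps of recent attempts

    def _count(self, key, now):
        # Drop timestamps that have aged out of the window, then count the rest.
        q = self.attempts[key]
        while q and now - q[0] >= self.window:
            q.popleft()
        return len(q)

    def allow(self, account, source_ip):
        """Record an attempt and return True if it may proceed to credential checks."""
        now = self.clock()
        keys = (("acct", account.lower()), ("ip", source_ip))
        # Check both keys before recording, so a blocked key does not burn the other's budget.
        if any(self._count(k, now) >= self.max_attempts for k in keys):
            return False
        for k in keys:
            self.attempts[k].append(now)
        return True
```

Keying on the account as well as the source address slows guessing that is spread across many addresses, at the cost that repeated failures can temporarily block the legitimate account holder, which is one reason to pair the limit with multi-factor authentication.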
Evolving retailer cybersecurity at the speed of business
Retailers are evolving their business models at the speed of the cloud and need their cybersecurity programs to be equally agile. With more consumers becoming accustomed to online shopping and new digital experiences, many may never shop the same way again. To protect brand reputation and these new revenue streams, retailers must secure their Digital Transformation strategies from the beginning, rather than considering them to be an afterthought.
ZTA’s fundamental ‘trust no one’ mantra can sound like something from a spy movie. In reality, this approach focuses on controlling user and device identity and access. For retailers, taking a Zero Trust approach includes managing security issues arising from IoT devices.
Similarly, retailers must adopt new security practices and the technologies that enable them. For every new security measure organizations put into place, cybercriminals are already looking for new ways to exploit them to gain access to sensitive systems, networks and applications.
A retailer-focused ZTA strategy may include implementing micro-segmentation to prevent risks associated with contactless payments and IoT. While the Payment Card Industry Data Security Standard (PCI DSS) requires retailers to segment networks that manage cardholder data, micro-segmentation can enhance security controls and create a more robust security posture that goes beyond PCI DSS compliance.
Retailers should also consider creating zones specifically designed for contactless payment
This means that retailers need dynamic and adaptive security solutions to protect their environments from attacks that continue to grow in prevalence and sophistication. Whether from an e-commerce or point-of-sale perspective, the retail industry collects, transmits, processes and stores more digital customer data than ever before. To ensure consistent and secure customer experiences, retailers must take a holistic approach to Digital Transformation by seeking out technology and platforms that build security into the fabric of connectivity.