Re: Cybersecurity for online retailers

How are online retailers ensuring cybersecurity and data protection?

waterleaf
Tourist

What are people doing for securing data at rest and data in motion?

How are people protecting their online and physical servers from ransomware and exfiltration of data?

How are people protecting their employees/contractors from phishing scams and insider threats?

How are people protecting from exploits and malicious code sources such as Log4J and others?

How are people making sure that outdated code/software and dangerous (non-checked) programs are not running on company machines, etc.?


LanaRhoad
Visitor

I'd hate to think that attackers could take advantage of our data. If such giants are subject to cyber attacks, what about small companies?

waterleaf
Tourist

Unfortunately, small and large companies are exploited and compromised all the time unless they have active cyber protection in place. The problem is that until recently the cost to do so, the skills, the tools and the process were out of reach of SMBs and many SMEs. (Shameless plug coming) Cyberleaf does deliver (to retail, manufacturing, fintech, healthcare, etc.) end-to-end cybersecurity that actively protects your data such as PII and PCI and meets regulatory and compliance requirements. https://cyberleaf.io/


Candidly, it is daunting if not overwhelming, since the attack surfaces are exposed and vulnerable and the threat vectors from cyber criminals are ever increasing. Cyberleaf not only protects critical data but also defends against ransomware, exfiltration of data and compromise.


If you read the trends and attacks on retail, this is expected to increase over the next several years, so being trained and protected is the way to go.

csnyde02
Shopify Staff (Retired)

It's a valid topic and a valid concern. I only wish it hadn't turned into a sales pitch. Educating the community vs. selling to the community would be a preferred way to be involved here.


waterleaf
Tourist

Yeah - sorry about that...did not see much messaging on this and we do protect some large retailers in fact. I only learned about this forum through the retailer that is our customer...


But on the educational front (valid critique, btw), there are key steps (no purchase required):

Recent articles in mytotalretail give a warning for retailers: 'Tis the Season for Retailers to Prepare for Cyberattacks (mytotalretail.com)


Ransomware attacks hit 44 percent of retail organizations in 2020, and numbers are still being tallied for 2021. Many of these were partially successful and should be a rallying cry for increased cyber defense. The average cost of recovery from a ransomware attack in retail was approximately $2 million, per the State of Ransomware in Retail 2021 report by Sophos. These costs include downtime, device cost, network cost, lost opportunity, and ransom paid to recover encrypted data.

The following are some basics on how to mitigate ransomware attacks and other malicious behavior:

  1. Training – Have training for all levels of employees, contractors and the retailer supply chain. Understanding the modalities of phishing attacks (more than 50% of ransomware attacks are due to phishing exploits) as well as basic cyber hygiene will protect the enterprise and your staff. Ongoing training should be in small doses, measured and tested to ensure knowledge of and compliance with policies.
  2. Establish policies and compliance to regulatory obligations and industry recommendations through an assessment and alignment of cybersecurity practices.
  3. Utilize a SIEM with integration to a SOC with SOAR and ingest data from your servers, FW, endpoints as well as EDR, RMM etc.
  4. Establish policies and procedures for resiliency and recovery in the event of a breach including having a DFIR solution on standby.
  5. Have the correct data storage for critical data including customer information, PII/PCI as well as your operational data such as HR and finance.
  6. Establish Zero Trust for applications and access to systems for all personnel and vendors.