Holiday Data Breaches Could Get Ugly for Retailers – Inteview With Sera-Brynn’s COO John Kipp

From: CIO Today

Hold onto your credit cards — cybercriminals are eager to hack them, and this holiday shopping season, there is a good chance they will be successful.

Despite the massive and high-profile data Relevant Products/Services breach at Target last year, in which thieves stole credit card or personal information for up to 110 million people just as the shopping season kicked into high gear, many large retailers remain woefully unprepared to defend against a cyberattack, according to security Relevant Products/Services experts.

Meanwhile, cyberthieves are smarter and more efficient at breaking into retailers’ networks and stealing consumer data, and some credit card companies are ratcheting down fraud protection Relevant Products/Services to speed transactions during the shopping rush. That sets up the holidays to potentially be a whammy of a payday for criminal groups — and puts consumers at greater risk as they enter the biggest shopping season of the year.

“It’s the perfect time to get boatloads of credit cards in one shot,” said John Kipp, chief operating officer for security firm Sera-Brynn. “The holiday season is a wonderful time for criminals.”

And consumers can expect to pay — as retailers face mounting fines from financial regulators for data breaches, and must invest in pricey new security systems, some experts expect the costs will be passed on to consumers in the form of higher prices.

According to a study by Cambridge-based security firm BitSight Technologies, which analyzed the risk of a breach at 300 large retail companies, 58 percent of retailers are less secure Relevant Products/Services than they were a year ago because more hackers have been getting inside their firewalls and stealing data, often quicker and more stealthily than they were before. Retailers — which just a few years ago weren’t worried about cybersecurity — are struggling to plug the holes in their networks and their vendors’ networks. Many retailers don’t have cybersecurity expertise in their boardrooms, can’t find the cash to invest in the protection they need and are too slow to react in the cat-and-mouse game with cybercriminals, experts say.

“Compared to two years ago, I would say that not much has changed except the urgency by the criminals,” said Martin Ferenczi, president of North American operations for Oberthur Technologies, a digital security company.

For the rest of this article, please visit the CIO Today website.