Research indicates that a significant portion of American consumers would alter their shopping behaviors following a data breach at their preferred retailer. A recent survey commissioned by data security firm Vormetric and conducted by Wakefield Research reveals that 85 percent of respondents would seek alternative shopping options if their favorite brand experienced a security incident.
Several factors influence this decision, including the loss of funds directly from checking accounts (67 percent), unauthorized credit card charges (62 percent), exposure of personal data (57 percent), and potential damage to their credit ratings (54 percent). These numbers underscore the tangible consequences that a breach can have on consumers’ trust and loyalty.
Tina Stewart, Vice President of Marketing at Vormetric, noted the lasting impact of past retail security breaches, stating, “It’s been two years since significant attacks brought the term ‘data breach’ into everyday conversation.” She highlighted a notable incident following Black Friday 2013, which catalyzed a surge in breaches over the ensuing years, demonstrating the vast financial and reputational damage that can befall well-loved brands.
This sentiment emphasizes the imperative for retailers to prioritize cybersecurity measures, as mere compliance with established standards such as PCI-DSS is proving insufficient. Many organizations that suffered breaches were certified as compliant with these rigorous standards, suggesting a critical need for more robust security protocols.
Sol Cates, Chief Security Officer at Vormetric, advocates for a shift towards a data-centric approach in cybersecurity. He asserts, “Organizations must enhance their strategies for data protection.” With cyber attackers increasingly using sophisticated multi-phase strategies to penetrate organizational defenses, the focus on securing data at rest has never been more crucial. Technologies such as encryption and access control now serve as the frontline defenses and are essential for safeguarding sensitive information.
The MITRE ATT&CK framework identifies relevant adversary tactics that could inform a deeper understanding of potential attack methods. Techniques such as initial access, persistence, and privilege escalation can serve as a guideline for emerging threats, reinforcing the need for enhanced protective measures across the retail sector.
For more on strategies that retailers can implement to bolster their defenses against data breaches, refer to the 2015 Insider Threat Report available on Vormetric’s website. Understanding these risks is vital for business owners aiming to protect their operations and maintain customer trust in an increasingly perilous cyber landscape.
Image Credit: Sergey Nivens / Shutterstock
