Today more than two thirds of internet users in the UK will be shopping, spending more than four hours searching for Black Friday deals online.
UK consumers are expected to spend a staggering £2.3 million a minute on Black Friday, a 19 percent increase on last year.
This weekend will be prime fishing ground for cybercriminals.
Customers are being warned how they can protect themselves from online thieves, retailers too will be more at risk due to the scale and nature of the information they hold.
High-profile data breaches have hit retail organisations over the past few years, exposing thousands of customers’ credit card details and personal information.
Breaches involved malware, malicious insider activity or the use of stolen credentials. Cyber criminals have become more and more sophisticated and underhand in their techniques, leaving retailers continuously playing cat and mouse in a bid to keep up.
Prioritising cyber security
Retailers are rightly concerned about keeping up with online sales over the course of the Black Friday weekend, but cyber security cannot slip down the list of priorities.
Cyber criminals will undoubtedly take advantage of online sales peaks to access networks unnoticed, or, more than likely, they will execute malware that has been sitting on the network for months.
Retail security breaches are becoming commonplace and while we know about the likes of the Tesco Bank, Three and Sage breaches, there will be a lot of retailers that are unaware they have already been compromised. Black Friday and the hype around this weekend could be an opportune moment for hackers to attack.
Hackers are so sophisticated nowadays that nobody is surprised when an organisation has been breached – what counts is how quickly it is contained and how it’s communicated to customers. Given the notion that computing environments may already be compromised, the retail industry needs to move their processes and priorities towards detecting when compromises occur, and responding to them as quickly as possible.
Sticking with basic security solutions may have worked in the years before cyber-attacks became one of – if not, the – biggest threat to organisations, but this is no longer sufficient.
Threat prevention itself is not obsolete, it simply means these defences cannot be relied upon to protect against determined hackers. If cybercriminals are finding new, innovative ways to get into IT systems, then logic would dictate that retailers need to find new, innovative ways of protecting their IT systems.
Continuous monitoring is key
Continuously monitoring networks at all times is now paramount in retailers’ fight against hackers. Indeed, next generation security tools are so advanced that they can detect unusual behaviour and identify threats instantly, ensuring any attempts to steal data are thwarted from the offset.
The time between detection and response is when systems are at their most vulnerable, and without a strategy in place to effectively and efficiently deal with the problem, the consequences could be far reaching. It only takes one smart hacker to expose a company, which means Black Friday has the potential to be a short-term sales win and a long-term sales loss – it’s important that retailers are taking steps to avoid the latter.