View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 26, 2015

10 ways CIOs can ensure a frenzy-free Black Friday

List: Uptime, hackers and reputation need to be considered before getting into the shopping spree.

By Joao Lima

It is the fifth year Black Friday comes to town and Brits are predicted to be spending a record £16,087 per second in the next 24 hours topping £1.39 billion in sales value.

CBR runs down ten tips on how to survive from Black Friday all the way up to Christmas.

1. Convenience beats security

The shopping craze will put staff under a lot of pressure which can lead to internal non-malicious and malicious threats to the business.

Mark Rodbert, CEO of idax, said: "When the pressure is on, too often convenience beats security. With so many businesses focused around making the most sales, employees will be tempted to take risky shortcuts."

Rodbert also said that it is critical that retailers reinforce security policies and best practice, also keeping control of access and implementing the principle of least privilege is essential, requiring complex analytics to control.


2. Analytics to the rescue

With the introduction of services like Apple Pay and Samsung Pay, retailers need to understand the responsibility they have to ensure their customers are protected online when buying their goods.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Rashmi Knowles, Chief Security Architect EMEA at RSA, said: "One way to be ahead of the game is to use behavioural analytics to help distinguish legitimate user behaviour from suspicious activity within online transactions.

"Risk based authentication assigns a unique risk score to each transaction and based on the score, you be made to ask for additional authentication."


3. The main job for CIOs

CIOs main job will be to mitigate the possibility of website outages and ensure no customer is faced with critical situations that could mean bad customer service and loss of revenue.

Bill Berutti, president of data centre cloud and automation at BMC, said: "With high levels of online traffic and orders expected, retail CIOs must take every possible step to ensure that customer data remains secure.

"To keep hackers at bay, retail CIOs should consider automating security workflows and the processing of customer data collected and processed this weekend, to eliminate human error and prevent security breaches impacting reputations or resulting in significant financial losses."


4. Keep your data centre healthy or risk losses

For many retailers everything ties back to the data centre including the point of sale and website, so if an incident does occur then it is multiplied because of the rush associated to Black Friday.

"To reduce the risk and reap the benefits of the day, retailers should leverage the data they have to determine a number of factors such as how many transactions can be made in one day to ensure the back-end infrastructure can handle the surge," said Rick Vanover, senior product strategy manager at Veeam.

Retailers need to have in place availability solutions that guarantee high-speed recovery, data loss avoidance, verified protection, complete visibility and the ability to leverage backups to provide a production-like test environment.


5. Consider reputation

Retailers spend lots of time building up trust and reputation with their customers, but all can be doomed by a bad online experience.

Jeremy Gidlow, CEO of Intechnica, said: "Besides the threat of losing out on millions of sales, it is embarrassing for a retailer to have its website go down. Almost nine out of ten of consumers would rather queue to buy a product on a website than have the website completely crash."

As 42% of all UK consumers plan to do more Christmas shopping on their smartphone or tablet this year, Michael Allen, solutions VP at Dynatrace told businesses to not only think of computers but also to plan ahead for keeping services smooth when running on portable devices.


6. Keep data safe whatever the cost

With Black Friday kicking off the lucrative holiday shopping season, retailers cannot afford to go suffer any sort of breaches.

"They would not want a repeat of the Target fiasco where suspicious activities were waved aside to allow sales to continue," said Willy Leichter, global director of security strategy at CipherCloud.

To mitigate risks, retailers need to ensure that they can keep their customers’ data secure from prying hackers. "They need to protect access points and information across the entire IT stack."


7. Avoid catastrophic network downtime

Not being able to take payments on Black Friday will result not only on lost revenues, but also on pressure from customers queuing in-store.

Hubert Da Costa, VP EMEA Cradlepoint, said: "Typically network downtime costs an average of £200k an hour, but that is just an average. In the retail sector, to be unable to take payments on a day such as Black Friday would be catastrophic.

"A network failover solution does not just provide business continuity on the day, but ensures your business continues to run in the future."


8. Best to stay at home

Black Friday is undoubtedly the busiest day for businesses but also one of the most stressful times for consumers.

Julien Hervouët, CEO of iAdvize, said:"Staying at home on Black Friday may be the smartest move given that the best deals can be found online.

"Meanwhile businesses are unprepared to offer effective customer care, which results in the loss of potential sales."


9. Don’t fall victim to phishing

Recently, fake emails from online grocer Ocado were sent out, using phishing email attachments to infect shoppers’ computers with malware. Crooks gained access to various bank details, with one family’s bank account stripped of £14,000.

"If it sounds too good to be true, it IS too good to be true," said Paul Ducklin, senior security advisor at Sophos.

Mav Turner, director at SolarWinds, said that instead of clicking links in emails, people should go directly to the website to safeguard against risky websites.

Turner said: "Credit cards have more security measures in place, so avoid using a debit card where possible. Regularly check your bank balance and be sure that you were expecting all of the transactions."

In case consumers fall victim to phishing, they need to act quickly and know how to contact their bank. "Only two out of three companies are informed by external agencies that they have been breached, so contact them immediately."


10. Are you ready to wrestle for a TV?

With this Black Friday set to become the biggest online retail event in UK history, in the end it is up to British people to decide how far they want to go to get a bargain.

Rob Fenton, UK MD of fifty-five, said: "Some big retailers have shunned the day, such as Primark avoiding discounting, while others, like Asda, have abandoned Black Friday altogether as a pre Christmas sales bonanza.

"However, its popularity is especially highlighted by the fact that British consumers are just as comfortable shopping from the comfort of their own home, as they are queuing up for long hours and potentially having to wrestle over a flat screen TV just to get their hands on a precious bargain."


Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.