10 Recommendations to Stop Cyberthreats in the Retail Sector

Security
06/06/2024

Cyberthreats Retail Sector

Given the rise of ecommerce, retail companies need to strengthen their cybersecurity policies.

Ricardo Pulgarín, cybersecurity expert at Cirion Technologies, shares essential strategies that every company in the digital environment should consider.

 

Ecommerce growth has yielded evolved security policies in the retail sector, with a renewed focus on the security of e-commerce platforms, protection of online payments, customer privacy and supply chain security, all of which show the imperative of adjusting to a constantly changing digital environment and protecting both company data and customer trust in an increasingly connected world.

“Retail sector companies are responsible for ensuring their customers’ data security through various preventative measures. To this end said companies must necessarily perform a thorough risk assessment associated with their information technology systems, identifying threats and estimating their likelihood and impact on the business alike,” said Ricardo Pulgarín, Security Sales Architecture Manager at Cirion Technologies.

Businesses and organizations should focus on reinforcing their cybersecurity schemes. To that end Pulgarín provides 10 recommendations  to strategically tackle potential threats:

1.- Protect recovery systems and back up data:

In the event of incidents caused by people, ransomware or natural disasters, adopting measures that allow rapid data and systems recovery is of the essence. To do this, you need to back up the data, perform recovery tests and have a plan in place to include the definition of the recovery point objective (RPO) and determine the frequency of backups, along with a recovery time objective (RTO).

2.- Run recovery drills

These actions are meant to ensure data availability, resource recovery, and that everything is working as expected. An appropriate communication throughout the command chain in place must be added together with the definition of teams’ and individuals’ responsibilities.

3.- Cybersecurity training and awareness

Establishing data security should be a company priority. Therefore, a cybersecurity training plan for employees is key, both to understand the risks to which the company may be exposed, and to understand the importance of owning their roles upon potential threats and being internal promoters of cyber defense.

4.- Define the attack surface

Organizations must be clear about the systems, devices and services required in their environment to keep their businesses online and an active inventory. This will help them identify their most vulnerable ends and draw a system recovery baseline.

5.- Audit and manage the most vulnerable devices

In order to achieve a comprehensive security strategy, having controls throughout all network critical points is key. Without a doubt, perimeter security matters; however to be effective, and considering users’ high mobility, it must be complemented with security on end-user devices.

6.- Network Segmentation

To help contain malware actions. If a threat enters the network, it must be “buried” to prevent it from moving uncontrollably and collecting information. To do this, it is necessary to “divide” the network into smaller sections, thus preventing threats from moving laterally, with better control of traffic flow among sections.

7.- Protect emails to thwart ransomware attack

In addition to network devices, you must as well ensure that email solutions are running their latest updates and have a secure infiltration protection.

8.- Enhance identity focus

Organizations need to implement multiple factor authentication mechanisms for their remote users and customers, which will enable higher validation of access authorization to their most critical information. Do not forget to monitor use of ports, protocols and services on the network to stop malicious applications from maintaining a security gap that can be exploited by the attacker.

9.- Consolidate security throughout the entire Cyber Kill Chain

The cybersecurity kill chain model identifies what cybercriminals do to achieve their goals. The possibility of human failure requires implementation of solid security technology and a cybersecurity strategy to integrate various controls and enable visualization of the different stages an attacker must go through before being successful.

10.- Have an incident response plan in place

A clearly defined, evaluated and proven incident response plan will contribute significantly to ensuring a better result in the event of cyberthreats.

 

Cirion owns a complete portfolio of security integrated solutions, with network protection and mitigation services, among others, customizable to any kind of industry requirements.

Share

Recent Posts

Data Center in the Digital Age: Pillar of Technological Infrastructure

by | Mar 27, 2025 | Data Center & Hybrid Cloud | 0 Comments

The Importance of the Data Center in Business Digital Transformation In the Digital Age, Data Centers have become the heart of the technological infrastructure that...

What Problems Do SD-WAN and Secure SD-WAN Solve in the Company?

by | Mar 25, 2025 | Connectivity | 0 Comments

What Problems Do SD-WAN and Secure SD-WAN Solve in the Company? In the current context of digital transformation, companies face significant challenges in network...

Business Collaboration: Key to Boosting Team Productivity

by | Mar 14, 2025 | IT Trends | 0 Comments

Business Collaboration: Key to Boosting Team Productivity Collaboration is one of the pillars of labor management in modern organizations. From improving communication...

IA

AI Revolution: Overcoming Moravec’s Paradox

by | Mar 10, 2025 | UC&C | 0 Comments

AI Revolution: Overcoming Moravec’s Paradox     Moravec’s paradox, articulated by Austrian scientist Hans Moravec, describes an artificial intelligence (AI)...

The SASE Revolution in the Digital Age

by | Mar 7, 2025 | IT Trends | 0 Comments

Importance of SASE in the Digital Age SASE Revolution: The digital culture is here to stay and is constantly evolving. Companies that want to remain competitive are...

What is “dark fiber” and why is its use expanding in Latin American companies?

by | Mar 6, 2025 | Connectivity | 0 Comments

What is "dark fiber" and why is its use expanding in Latin American companies? Secure networks, better use of infrastructure and a high response to critical scenarios...

Beyond generation: why energy efficiency is key to the future

by | Mar 5, 2025 | Data Center & Hybrid Cloud | 0 Comments

Beyond generation: why energy efficiency is key to the future     Every March 5, the world commemorates World Energy Efficiency Day, a key date to reflect on how...

AI and Data Centers: The Infrastructure Challenge in an Industry on the Move

by | Feb 19, 2025 | Data Center & Hybrid Cloud | 0 Comments

AI and Data Centers: The Infrastructure Challenge in an Industry on the Move   The emergence of DeepSeek has shaken the technological world and generated a great...

Forecast and Insights on how AI will reshape CX (Part 2)

by | Feb 11, 2025 | UC&C | 0 Comments

Forecast and Insights on how AI will reshape CX (Part 2)     We mentioned in Part 1 of this article that Customer Experience World has continued evolving to a breakneck...

Cirion WAAP

WAAP: Comprehensive Protection for Enterprise API and Web Applications

by | Feb 10, 2025 | IT Trends | 0 Comments

WAAP Solution: What is WAAP and Why is it Crucial for Businesses? WAAP (Web Application and API Protection) is a set of security services designed to protect web and...

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.