10 Recommendations to Stop Cyberthreats in the Retail Sector

10 Recommendations to Stop Cyberthreats in the Retail Sector

Given the rise of ecommerce, retail companies need to strengthen their cybersecurity policies.

Ricardo Pulgarín, cybersecurity expert at Cirion Technologies, shares essential strategies that every company in the digital environment should consider.


Ecommerce growth has yielded evolved security policies in the retail sector, with a renewed focus on the security of e-commerce platforms, protection of online payments, customer privacy and supply chain security, all of which show the imperative of adjusting to a constantly changing digital environment and protecting both company data and customer trust in an increasingly connected world.

“Retail sector companies are responsible for ensuring their customers’ data security through various preventative measures. To this end said companies must necessarily perform a thorough risk assessment associated with their information technology systems, identifying threats and estimating their likelihood and impact on the business alike,” said Ricardo Pulgarín, Security Sales Architecture Manager at Cirion Technologies.

Businesses and organizations should focus on reinforcing their cybersecurity schemes. To that end Pulgarín provides 10 recommendations  to strategically tackle potential threats:

1.- Protect recovery systems and back up data:

In the event of incidents caused by people, ransomware or natural disasters, adopting measures that allow rapid data and systems recovery is of the essence. To do this, you need to back up the data, perform recovery tests and have a plan in place to include the definition of the recovery point objective (RPO) and determine the frequency of backups, along with a recovery time objective (RTO).

2.- Run recovery drills

These actions are meant to ensure data availability, resource recovery, and that everything is working as expected. An appropriate communication throughout the command chain in place must be added together with the definition of teams’ and individuals’ responsibilities.

3.- Cybersecurity training and awareness

Establishing data security should be a company priority. Therefore, a cybersecurity training plan for employees is key, both to understand the risks to which the company may be exposed, and to understand the importance of owning their roles upon potential threats and being internal promoters of cyber defense.

4.- Define the attack surface

Organizations must be clear about the systems, devices and services required in their environment to keep their businesses online and an active inventory. This will help them identify their most vulnerable ends and draw a system recovery baseline.

5.- Audit and manage the most vulnerable devices

In order to achieve a comprehensive security strategy, having controls throughout all network critical points is key. Without a doubt, perimeter security matters; however to be effective, and considering users’ high mobility, it must be complemented with security on end-user devices.

6.- Network Segmentation

To help contain malware actions. If a threat enters the network, it must be “buried” to prevent it from moving uncontrollably and collecting information. To do this, it is necessary to “divide” the network into smaller sections, thus preventing threats from moving laterally, with better control of traffic flow among sections.

7.- Protect emails to thwart ransomware attack

In addition to network devices, you must as well ensure that email solutions are running their latest updates and have a secure infiltration protection.

8.- Enhance identity focus

Organizations need to implement multiple factor authentication mechanisms for their remote users and customers, which will enable higher validation of access authorization to their most critical information. Do not forget to monitor use of ports, protocols and services on the network to stop malicious applications from maintaining a security gap that can be exploited by the attacker.

9.- Consolidate security throughout the entire Cyber Kill Chain

The cybersecurity kill chain model identifies what cybercriminals do to achieve their goals. The possibility of human failure requires implementation of solid security technology and a cybersecurity strategy to integrate various controls and enable visualization of the different stages an attacker must go through before being successful.

10.- Have an incident response plan in place

A clearly defined, evaluated and proven incident response plan will contribute significantly to ensuring a better result in the event of cyberthreats.


Cirion owns a complete portfolio of security integrated solutions, with network protection and mitigation services, among others, customizable to any kind of industry requirements.


Recent Posts

Transformación Digital

Leading Digital Transformation in Latin America with Substantial Investments

by | Jul 4, 2024 | IT Trends | 0 Comments

    Investments, Expansions and Strategic Alliances   Since the end of 2022, when Cirion Technologies became an independent company, with the support of...

ASN Tier 1

What are ASNs? Learn their importance for Internet quality

by | Jul 2, 2024 | Connectivity | 0 Comments

End users’ experience connecting to the Internet depends on the Autonomous System to which their service provider is connected. According to a topological, data-based...


The Essential Role of CDNs for Live Sporting Event Broadcasting

by | Jun 27, 2024 | Connectivity | 0 Comments

CDNs ensure high-quality, seamless streaming for large-scale sporting events such as the 2024 Copa América, and the 2024 Paris Olympic Games, efficiently managing...

Internet Wi-Fi 7

Why is Wi-Fi 7 going to transform the way we work and live?

by | Jun 10, 2024 | Connectivity | 0 Comments

The new generation of wireless networks leverages Internet connection, opening endless innovation opportunities, which will change the way organizations create value...

en el sector retail

10 Recommendations to Stop Cyberthreats in the Retail Sector

by | Jun 6, 2024 | Security | 0 Comments

Given the rise of ecommerce, retail companies need to strengthen their cybersecurity policies. Ricardo Pulgarín, cybersecurity expert at Cirion Technologies, shares...

Claves de la Ciberseguridad

Cybersecurity: Keys to “close the doors” on Attackers

by | May 21, 2024 | Security | 0 Comments

The focus on network visibility, application availability, data center resilience, people training, and continuous cybersecurity monitoring are fundamental strategies...

Asistente de IA

A guide to getting started with your AI Companion assistant

by | May 16, 2024 | UC&C | 0 Comments

  In today's fast-paced work environment, maximizing productivity and improving collaboration are top priorities. Fortunately, AI technology can help with that,...

Connecting Latitudes: Moving Towards a Secure and Efficient Digital Future in Latin America

by | May 15, 2024 | Connectivity | 0 Comments

  May 17 is World Telecommunication and Information Society Day, a propitious time to reflect on the advances and perspectives of this critical area in our lives....

Data Center

The Future of Data Centers in Latin America: Transformation Driven by Artificial Intelligence

by | May 2, 2024 | Data Center & Hybrid Cloud,Data Center & Hybrid Cloud,IT Trends | 0 Comments

In an increasingly interconnected world, artificial intelligence will be a driver of transformation for the data center industry in Latin America   Artificial...

La plataforma SASE

The inevitable transition to SASE; beyond legacy security

by | Apr 16, 2024 | IT Trends,Security | 0 Comments

The increasing complexity of cyber threats calls for an evolution on how to approach security, leaving legacy hardware-based solutions behind and embracing a more agile...