News Feature | August 14, 2017

Despite Drop In Security Attacks, Retail Security Execs Still Fear Breaches

Christine Kern

By Christine Kern, contributing writer

Data Security

As execs continue to feel vulnerable to cyberattacks, investments in solutions must change.

While US retailers appear to finally have turned the corner on data breaches, with rates dropping from 22 percent to 19 percent this year, most senior security executives across multiple industries, including retail, fear their companies are vulnerable to security attacks, according to a new report from Thales. Almost 9 out of 10 (88 percent) of 1,100 senior security executives surveyed by Thales e-Security and analyst firm 451 Research admitted that they believed their organization was at risk, with 52 percent admitting that their companies had fallen victim to a data breach in the past.

Garrett Bekker, principal analyst for information security at 451 Research asserted, “First, the good news: Only 19 percent of U.S. retail respondents reported being breached last year, significantly less than the global average. However, breach results were not so rosy for global retail – a staggering 43 percent of global retail respondents reported a breach in the past year alone, approaching twice the global average. These distressing breach rates serve as stark proof that data on any system can be attacked and compromised. Unfortunately, organizations keep spending on the same security solutions that worked for them in the past, but aren’t necessarily the most effective at stopping modern breaches.”

The study also found that 19 percent of those surveyed believe that their companies are “very” or “extremely” vulnerable to such attacks, even though the study also noted that the percentage of U.S. retailers experiencing data breaches has declined about 3 percent in the last year. Significantly, that percentage is lower than for any other U.S. industry vertical polled for the report, including healthcare (20 percent), financial services (24 percent) and the U.S. federal government (34 percent), according to Thales and 451 Research.

The study also found that 11 percent of retailers failed to learn from previous mistakes and suffered breaches in both the last year and in the previous year.  On the positive side, 77 percent of respondents said they were increasing IT security spending, an increase form 61 percent in 2016 and 62 percent in 2015, reflecting the realization that budgets must match security efforts.

“It’s encouraging that yearly retail data breach rates have finally started to drop,” said Peter Galvin, vice president of strategy, Thales e-Security, “but rates are still quite high. With tremendous sets of detailed customer behavior and personal information in their custody, retailers are a prime target for hackers so should look to invest more in data-centric protection. And as retailers dive head first into new technologies, data security must be a top priority as they continue to pursue their digital transformation.”