Skip to main content
close search
site logo
Dive Brief

Survey: Outsized IT confidence leaving retailers vulnerable to cyberattack

Published April 27, 2016
Daphne Howland's headshot
Senior Reporter

Dive Brief:

  • Cyber breaches at retailers are likely to continue to be a problem, considering how long it takes them to discover threats and the disconnect between reality and their IT professionals’ confidence, according to security, compliance and IT operations solutions firm Tripwire’s 2016 retail cybersecurity survey.

  • A third of retailers surveyed said that a breach involving personal data had occurred at their companies, compared with 14% in 2014.

  • Implementation of breach detection technology has nevertheless remained flat, Tripwire notes. In both 2014 and 2016, 59% of the respondents said their breach detection products—including anti-virus software, intrusion detection systems, malware detection, white listing and file integrity monitoring—were only partially or marginally implemented.

Dive Insight:

If Tripwire’s research holds water, retailers (in particular larger merchants) are doomed when it comes to cybersecurity. Based on research conducted by Dimensional Research, Tripwire found that companies with larger revenues monitor their systems less frequently: 66% of IT professionals working for organizations with revenues of less than $100 million check their compliance at least weekly, while just 55% of those working at organizations with revenues of more than $100 million said they do.

Even so, 90% of survey respondents believe they could detect a data breach within their critical systems in one week or less, according to this year’s Tripwire survey. In 2014, just 70% believed they could detect a breach in that time frame. In addition, this year 75% said they could detect a breach within 48 hours, compared with 42% in 2014.

The failure of many retailers to regularly monitor cyberattacks in tandem with IT professionals’ outsized confidence strains belief. But Tripwire director of IT security and risk strategy Tim Erlin said that retailers are on notice.

“Unfortunately, these results indicate that we can expect retail breach activity to continue in the future,” Erlin said in a statement. “The increase in confidence connected with speed of breach detection is particularly surprising, especially in combination with partial implementation of detection tools. Together these results indicate while retail organizations might feel better about their cyber security capabilities, there’s still a long way to go to close the gap between initial compromise and detection.”

Retailers now experience the most cyber attacks of any industry sector—three times as many as the previous top target, the financial industry—according to information and communications technology firm NTT Group's recent 2016 Global Threat Intelligence Report.

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
OluKai Opens First East Coast Location at Disney Springs, Florida
From OluKai
November 21, 2024
Why In-Store Analytics will be the Game-Changer
From eyefactive.com
November 04, 2024
Importance of Investing in Innovative Technologies in Retail Highlighted in Gartner Report
From AutoStore
November 01, 2024
Frank Mayer and Associates, Inc. Nominated for Prestigious 2025 Vendors in Partnership Award
From Frank Mayer and Associates
November 20, 2024
Editors' picks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell