It is no exaggeration to state that e-commerce is winning scores over offline, as every day there is a new e-commerce venture coming into existence. In fact, e-commerce is said to be a future of Retail. Though, the industry is booming, but associated security threats are also on the rise. No doubt, technology has made life easier for retailers as well as consumers, but we cannot deny the fact that it is highly vulnerable medium to high-profile attacks like card skimming, theft caused by malware and data loss through wireless network. Addressing the same, Pradeep Katyal, CEO, Utsav Fashion, states, “Nowadays, e-commerce websites are at the top most level in the target list of hackers. Therefore, it becomes more essential to safeguard our business from these criminal minds. From data breach, website blocking, attack on web applications and stealing potential business and customer information to defacing your website, cyber attacks can severely attack retail business.”
Prevailing security issues
Owing to security threats, there is a large section of people who are scared of using their credit or debit card online, which ultimately affects the business of retailers. Ashish Bhatnagar, Co-Founder and CTO, mydala.com, says, “There are various types of cyber attacks that are happening from DDOS (Denial of Service Attacks) to data theft. All of these make a serious impact on the internet retail business from simple applications like customers not able to access your website to losing trust and causing tremendous fear in the mind of customers.” Taking this further, Anurag Rajpal, Director & CEO, The American Swan Lifestyle Company, shares, “Cyber attacks come in many varieties, but among the most common is wherein a site is overloaded with traffic from thousands or millions of different sources, overloading servers and forcing a site outage.”
Retailers’ take on e-commerce vulnerability
Almost every retailer admits that they have become the victim of a security threat owing to which they have to increase the server security. A cyber security attack may reveal the details of almost every industry, country and type of data. The threat of security attacks is growing quite rapidly, in fact, companies are facing tough time in figuring out the combating strategies.
Lenin Koduru, CTO, Abhibus Services, says, “The vulnerabilities acquire a graver dimension due to the financial nature of transactions. This results not only a direct loss of revenues, but serious loss to company’s reputation as well. In some cases, they may be faced with legal penalties for violating customer privacy or trust.” It is of paramount importance for designers and developers of web applications to consider security as a primary design goal and to follow secure coding guidelines to provide assurance to their customers. “It is high time in India to create automated and intelligent threat management mechanism for retail,” he adds.
What can be done?
The research findings indicate that in 2012 nearly every industry, country and type of data was involved in a breach of some kind with cyber security threats, increasing as quickly as businesses can implement measures against them. Bhatnagar from Mydala shares following combat strategies to fight against cyber attacks:
- Educate your employees as they are the first line of defense against attackers.
- Identify users by tagging user-initiated action to a specific person, whether in a physical or digital environment to avoid data breaches.
- Registration of assets with the increase of bring-your-own-device (BYOD), it is more important than ever to have a complete inventory or a registry of valid devices.
- Protect data as attacks are more sophisticated than ever, and keeping cybercriminals out requires a multi-faceted approach.
- Unify Activity Logs to treat physical and information security controls separately.
- Visualize events by developing an environment in which security threats are discovered innately-by both responsible security professionals and others in the organization. Security event visualization allows businesses to identify patterns, emerging vulnerabilities and attacks, and respond quickly and decisively across the organization when an attack does occur. Using the right data sources, advanced SIEM analytics, and data modeling, security event visualization prepares businesses to effectively mitigate current and future threats.