800-317-3840
Contact Us

Security Assessment Tool for Retail


Retail

 

 

Get your free security rating

Breaches in Retail are primarily carried out by organized crime and are almost exclusively financially motivated. Last year’s trend of transitioning from “card present” to “card not present” crime continues. This also drives a decrease in RAM scraper malware. Personal data figures prominently in retail breaches, and is tied with payment for the top kind of data compromised.

  • Total incidents

    287

    The number of security incidents (Nov 2018 to Oct 2019) analyzed in this sector in the 2020 DBIR.

  • Top three patterns

    Web Applications 

    Everything Else 

    Miscellaneous Errors 

    The top trends that emerged from this sector’s data (Nov 2018 to Oct 2019) in the 2020 DBIR.

  • Threat actors 

    75% External 

    75 percent


    25% Internal 

    25 percent


    1% Partner 

    1 percent


    1% Multiple 

    1 percent

  • Actor motives 

    99% Financial 

    99percent


    1% Espionage 

    1 percent

  • Data compromised 

    49% Personal 

    49 percent


    47% Payment 

    47 percent


    27% Credentials 

    18 percent


    25% Other 

    18 percent

Considerations

  • Data theft is scaling up

    As online sales have grown over the past several years, attackers have turned their attention from Point-of-Sale devices to Web Applications. This may be because attacking a website or server that holds volumes of payment data is more efficient than infiltrating a network, searching for PoS devices and installing malware individually.

  • Pick up the pace on security patches

    Stolen credentials and exploitable web apps were constant vulnerabilities in this industry, but only about half of vulnerabilities were patched within the first quarter after they were discovered. It’s best to handle them as soon as possible, so problems don’t become worse and cripple you later.

  • Safeguard all types of customer data

    Payment info was some of the data most sought by attackers in this industry, since it can be quickly monetized. And since personal data like email addresses and phone numbers are often wrapped up with payment data, it can easily wind up in criminals’ hands, too. So, be sure you securely process, store and transmit both payment and personal data.

See the latest trends in cybersecurity.

 

Explore the results of the 2020 Data Breach Investigations Report (DBIR) and see what patterns emerged across the thousands of security incidents, from companies both big and small.

 

See an overview of all trends

Read specific insights about your industry


  • 2020 dbir cover
  • Understanding the threats can help manage risk effectively

    The threats are real, the attackers motivated. But something stands between them and your organizations data: you and your security teams, with the insight, perspective, and tools to take action. You'll find that all right here.

    Download the report