Security Watch: Retail Cybersecurity

March 11, 2014
The much-publicized Target breach has created a significant opportunity for integrators

You have undoubtedly heard about or were personally affected by last year’s Target data breach that exposed millions of credit card numbers and personal records. It is perhaps the security incident of the decade, as it has created enormous — and much-needed — visibility for information security among retail executives; in fact, it is on practically every CEO’s radar.

Here’s a high-level recap of the breach: It started with a phishing attack against Fazio Mechanical Services, Target’s refrigeration contractor, which was apparently using free anti-malware software that did not offer sufficient protection. Login credentials that Target issued to Fazio were obtained by criminal hackers, who then used those credentials to gain network access (via a Web portal) into the Target environment.

Point-of-sale (POS) malware — presumably “BlackPOS,” available for purchase online — was uploaded to Target POS systems to scrape credit card and related information right after a payment card was swiped.

Knowing that mega-corporations like Target can be hit this hard, it is a great time for your retail security customers to take a clean-slate approach to information security. The first steps for your customers are to assess and update internal policies and procedures. This includes determining who’s in charge; documenting response procedures in case of a breach; and implementing the right tools and personnel to protect against the risk.

This is where security integrators come into play. With the Target fiasco top-of-mind for your retail customers’ top executives, now is the time to sit down and talk about deploying risk-mitigating solutions for this type of cyber attack. 

Here are four starting points that integrators should focus on when recommending solutions for their retail customers: 

1. Beef up their perimeter security. Old-school firewalls and intrusion detection systems simply won’t cut it. Today’s “next-generation” firewalls and intrusion prevention systems are needed. The more advanced Web filtering tools from vendors such as Barracuda (Purewire) and Zscaler can do wonders to prevent malware outbreaks.

2. Push for advanced malware protection. In the hopefully rare occurrence of a security breach, traditional anti-virus software is likely inadequate. Newer offerings from vendors such as FireEye, Lancope and Damballa are often the only way to detect (and stop) a malware infection that’s already made its way inside the retailer’s network.

3. Lock down their endpoints. Workstations and servers alike can have an appalling number of missing patches — mostly third-party software like Adobe and Java — that end up getting exploited and leading to the breaches that hurt the most. 

4. Stay educated on cybersecurity. Becoming and remaining a trusted partner to your retail customers is the key to a fruitful relationship. There are plenty of tools and training available to help keep you abreast of the latest cybersecurity vulnerabilities and advances, and the investment in your awareness is fairly minimal.

Kevin Beaver is a consultant with Atlanta-based Principle Logic LLC (www.principlelogic.com). Follow him on Twitter, @kevinbeaver or connect to him on LinkedIn.