With Black Friday today and Cyber Monday fast approaching, this weekend is gearing up to be the biggest e-commerce event of the year. But, with this popularity comes the increased interest of cybercrimminals who seek to take advantage of retail’s busiest time of the year.
As Stephane Cardot, Director Presales EMEA at Quantum, states, “Black Friday and Cyber Monday have become massive revenue-boosters, growing year on year. In fact, in 2020, Cyber Monday broke US records to be the biggest e-commerce day in history, garnering $10.8 billion in one day. While these events are big opportunities for retailers, they are also the same for cybercriminals and organisations need to be prepared.”
So how can retailers and consumers protect themselves from hackers and scammers this year?
Ransomware can be disastrous for retailers
With Black Friday and Cyber Monday being such big events for retailers, a ransomware attack could be devistating for profits if it is not dealt with swiftly. “Given that 77% of global retailers were reportedly compromised by ransomware last year, making the sector one of the hardest hit, retailers must have a laser focus on security in their preparations for Cyber Monday. A ransomware attack on the day could be catastrophic,” explains Chris Rogers, Technology Evangelist at Zerto, a Hewlett Packard Enterprise company.
This is why it is essential for retailers to bolster security measures ahead of the event. Gregg Mearing, Chief Technology Officer at Node4, empahsises the importance of taking steps to ensure security:
“It’s important for retailers to ensure all e-commerce software and content management systems are updated to their latest versions to ensure the best protection. This is essential as even a 1-second delay in website performance could lead to a potential 7% drop in sales on one of the busiest shopping days of the year. The consequences of a data breach can also be pricey – the average cost of a data breach is $4.35 million, but the damage to their reputation and loss of customers, as a result, will see further financial loss for retailers.”
If the worst should happen, and an organisation falls victim to such ransomware attacks, it is vital that there are systems in place to facilitate a quick recovery – as, on these days more than most, time is very much money.
Rogers continues, “retailers need to ensure the organisation can recover fast from a cybersecurity event and get back to business as usual – shifting to a more pragmatic and strategic security approach. Once you’ve been compromised, prevention is no longer a viable protection strategy. By implementing tools that deliver disaster recovery and continuous data protection (CDP), retailers will be able to get things up and running quickly when something goes wrong, limiting downtime and restoring operations in a matter of seconds or minutes, rather than days or weeks.”
Data protection also needs to be a priority
As well as ransomware attacks, organisations need to be wary of data leaks during this peak time. As Terry Storrar, Managing Director, at Leaseweb UK, states, “consumers have a heightened fear of sharing personal data during peak shopping periods such as Black Friday. And this is for good reason – cybercriminals are out in full force to take advantage of the huge numbers of online orders made during this time.”
However, knowing about this increased risk can offer an opportunity for retailers to prepare themselves. He continues, “although retailers should always be vigilant with security, the busy shopping season is an incentive to spend time evaluating a network for vulnerabilities where a hacker could gain access to customer data. Retailers can put in place many levels of security to protect data and financial transactions and this could mean making changes to offer additional reassurance to customers.”
As Daniel Marashlian, Co-Founder and CTO of Drata, outlines, “with compliance frameworks like GDPR issuing heavy fines for data mismanagement, online retailers must ensure they are operating under legislation when handling confidential data like payment methods, location, and contact details. Having an automated compliance and risk management platform can help alleviate some of these pressures and reduce the risk of incurring repercussions.”
Customer Expections run high this time year
With sales events seemingly getting bigger and better every year, expectations for retailers have never been higher – so they need to have systems in place to help them keep up with demand.
Liad Bokovsky, VP of Pre-sales Consulting at Axway, highlights the importance of this, and offers a solution in the form of APIs. “On massive retail events like Black Friday and Cyber Monday, businesses must innovate and adapt quickly and efficiently, and using APIs is the most effective way to achieve this. In fact, reports show 60% of organisations share APIs internally among development teams to deliver products and services faster.”
Although efficiency is key, that doesn’t mean security should be sidelined! As he continues, “security must remain top of mind for organisations as they ready-themselves for these retail extravagazers.”
Consumers need to be wary of scams while looking for the best deals
It’s not just retailers who are targeted by cybercriminals during big retail events! Consumers also need to be aware of the variety of scams lurking about during the festive season.
As Nick Hogg, Director of Technical Training at Fortra (the new name for HelpSystems), illustrates, “the lead up to Christmas is the busiest time of the year for retailers – and, with plenty of deals to be had on both gifts and essentials, Cyber Monday can often be pretty manic. Unfortunately, scammers and hackers make the most of this hectic time, while we are often too busy to notice until it is too late. Consumers need to be wary of phishing emails and social media posts offering hot deals on well-known brands.”
Robert Sugrue, Product Director – Cyber Security, Six Degrees, offers some useful tips for consumers that are online shopping this week:
“My advice to consumers during the Black Friday weekend and beyond is:
- If it seems too good to be true, it probably is;
- Don’t get carried away and always take a moment before you buy;
- Do not click through links on emails – go to the website directly from your browser;
- Check URLs carefully, and make sure you are indeed on the website that you know and love;
- Genuine emails will provide voucher or discount codes – you will not need to use special links that take you to places that are not familiar with;
- Be aware of ‘thank you for your order’ emails that are not genuine;
- Do not hand over credit card details to people you do not know; and
- Most importantly, always ask yourself “Is this really a good deal? Do I really need it?”
Security is for life, not just for the christmas season
Although big retail events highlight the importance of secuity and data protection measures, it is important to remember that cybercrimminals are around far longer than the christmas season.
As Marashlian points out, “Black Friday and Cyber Monday remind us annually of the importance of integrating cybersecurity and compliance within our organisations’ processes. However, while cyber attacks do spike around this time, cybersecurity and compliance needs to be considered a year-round priority.”