Every retail business needs a data breach response plan

October 25, 20185 minute read

Select article text below to share directly to Twitter!


In a year of big news stories in tech, the one on top was the revelation that Cambridge Analytica harvested private information from the Facebook profiles of more than 87 million users without their permission. It was data misuse of epic proportions, leading Mark Zuckerberg to give testimony and face tough grilling from Congress about Facebook’s data breach response (or lack thereof).

Social media data breaches tend to trigger outrage from customers, because platforms, like Facebook, Twitter, Snapchat, and Tumblr, are where they post intimate, personal content about their lives. However, reactions to data breaches in the retail sector pale in comparison, despite the fact that major retailers consistently fail to uphold consumer data security with potentially serious consequences.

Within the past few months alone, several major retailers announced data breaches. According to Bloomberg reporter Sarah Halzack:

“But while the Facebook story has shaken the business and political worlds for days, these other data security lapses, affecting millions of US consumers, have barely made a ripple,” wrote Halzack, who has covered the retail industry for four years. Under Armour and Hudson’s Bay stocks, for example, dipped slightly but quickly recovered. This seems to be a pretty standard reaction to retail data breaches. When Home Depot said it suffered a massive data breach affecting 56 million credit and debit cards in 2014, its sales barely took a hit.

Why isn’t retail security getting any flack?

This meek response could be due to “breach fatigue”—customers have seen news about so many retailer breaches and dealt with enough credit card fraud that it seems normal. Moreover, the Facebook breach is tied in with other political news stories, like the Russia investigation, that are currently captivating Americans.

Whatever the reason, retailers see nothing like the pervasive media attention or outrage Facebook received when consumer data security incidents occur. This is problematic because if retailers’ sales, stocks, or reputations aren’t affected by failing to safeguard customer data, they have no incentive to invest in better data security. It’s nice to think businesses want to prioritize data security because it’s the right thing to do, but public pressure and the desire to avoid a scandal go a long way. Meanwhile, customers’ financial information, which is incredibly sensitive, is left exposed.

Develop a data breach response plan

Other retailers may be getting lackadaisical about data breaches, but that doesn’t mean your retail organization has an excuse to slack off. Not only are data breaches incredibly expensive, but a company that genuinely cares about safeguarding its customers’ data will stand out from the competition.

Given the accelerating volume, severity, and cost of data breaches and the ongoing struggles of traditional retailers, data security needs to be a top priority. Fifty-three percent of US businesses experienced a cyber attack in the past year. In other words, odds are high you will experience a hack attempt, and when that happens, you need to have a data breach response plan in place.

A data breach response plan is a detailed roadmap laying out who needs to do what in the event a breach is discovered. Time is of the essence. Step one should be to go into lockdown mode and marshal resources. Then, you should deploy a team to find the source of the attack, checking out the firewall and searching the network for anomalies. Another team should focus on containment to stop the threat from spreading by isolating infected machines or disconnecting the compromised host from the network. You should also identify someone who will be responsible for securing key assets.

Don’t forget the PR

You should coordinate an external-facing data breach response plan, as well. A data breach may look bad, but it looks even worse if it appears the company was hiding it. Uber is currently facing potential legal consequences for waiting a year to make public news of a major hack. The public perception around their delay may prove just as devastating as the attack itself.

Following a breach, you need to notify customers in a prompt and honest manner. Get ahead of the story by acknowledging the breach happened and apologizing. Share whatever details are available about who and what has been affected and provide resources for customers, such as prompts to change passwords. Make sure customers can communicate with the company and get more information about the breach. Your company should also actively let customers know what you’re doing to improve security moving forward.

Get proactive about consumer data security

Unfortunately, the simple fact of a breach is damaging, and even the best data breach response plan can seem like too little too late. The best approach is to take preventative measures. You should first identify a few areas of your network requiring special attention, either because they were highlighted as vulnerable in a security assessment or they’re frequently overlooked.

Printer security, for example, is an often neglected aspect of network security—especially within the retail industry. You’re already dealing with a variety of threat vectors, like “hire attacks,” which involves attackers who seek employment with the express purpose of obtaining inside information or conducting corporate espionage. Because you’re juggling so many cybersecurity tasks, you may not have time to address something like print security, but one weak link is enough to put your business at risk.

That said, you can institute a number of quick and easy defenses to protect your print environment. Pull printing, for instance, ensures that documents are not printed until the user authenticates at the device, protecting against hire attackers who may try to walk by and pick up a critical document left in the print tray.

You can also stay proactive by investing in modern printers that come with security features baked in. An HP Enterprise printer equipped with HP Sure Start and run-time intrusion detection can detect malware and will automatically shutdown and reboot. If an error is discovered upon restart, it will automatically validate the integrity of the BIOS code and self-heal, if necessary. In other words, you won’t have to worry about your printers as weak endpoints, and instead, you can spend more time addressing higher level security risks.

Better, more comprehensive, and more proactive security measures are critical for retailers in today’s hazardous environment. Despite what your competitors in the retail industry may think, there’s absolutely no excuse to slack on security.

  • Recommended for you
  • Recommended for You