An alarming number of data breaches has occurred in the retail industry in recent years, exposing the extent of the industry’s vulnerability to cyber threats. A 2016 Verizon study about data breaches across industries reported that retail accounts for 6 percent of all data breaches, including recent high-profile theft of consumer information from retailers such as Target, eBay and The Home Depot. As the number of consumers using digital payment methods increases, so does the vulnerability of retail cyber security.
Types of Cyber Threats in Retail
Cyber threats in the retail industry stem primarily from the use of credit cards and personal information to make purchases rather than using cash. In brick-and-mortar retail stores, cyber criminals can potentially steal customers’ credit card numbers and PINs when they scan or enter the information in the payment terminal at the checkout counter. When shoppers make online purchases at retail websites or in mobile apps, they expose not only their credit card information to theft but also their usernames and passwords, which, in turn, thieves can use to access other websites where the customer has accounts. In this way, one online retail purchase can expose a customer to illegal purchases with their credit card or — even harder to deal with — losses directly from their bank accounts.
Effects of Data Breaches
The effects of data breaches in the retail industry are far-reaching for both consumers and retailers. When news headlines report tens of millions of customers losing credit card or personal information through a breach at a retailer, consumer confidence suffers. Shoppers hesitate to make purchases from the affected store for a period of time — and possibly from similar retailers online or in person. As a result, retailers typically report losses in revenue in the months following news of security breaches involving customer data.
The retail industry is also vulnerable to cyber threats, in that companies must refocus their time, energy and money toward repairing the damage caused by a security breach, rather than focusing on their sales goals. For years after a security breach, a retailer will be responsible for paying for increases in IT staffing, legal counsel and consumer credit protection for its customers.
Retail Cyber Security Measures
Retailers must focus their cyber security efforts on best practices for handling the inevitable attacks on their systems by cyber criminals. Millions of transactions occur per day in stores and online, and each transmission of credit card information creates an opportunity for data theft. Retail companies must quickly adapt their security measures to take into account each new type of threat to customer information, be it through in-store transactions at a payment terminal or through online purchases. In particular, retailers must prioritize developing security protocols related to mobile applications and cloud storage as those technologies advance for retail purchases.
Cyber Security Personnel in the Retail Industry
The retail industry needs graduates with an MBA in Cyber Security to evaluate, protect and defend cyber security vulnerabilities. The degree program provides professionals with the management skills to become security managers. These managers lead teams of people to optimize retail companies’ resources for defining and mitigating cyber threats.
Retail companies also need security directors to oversee the companies’ IT and cyber security goals and objectives. A security director is responsible for developing and implementing the security strategies for a retail company as a whole, with every department in mind. Security managers and directors must carry out their jobs with one overarching goal: to protect the financial interests and personal information of the company’s customers — and the company itself.
An MBA in Cyber Security prepares professionals to lead the way in protecting retail companies against cyber threats. Classes in retail cyber security and retail cyber security management will prepare students for cryptography, network protocols, cryptographic algorithms, securing and managing computers and networks, security policies and disaster recovery. Additional coursework will cover cyber security risk analysis, with a focus on the National Security Agency’s methodology for evaluating cyber security vulnerabilities.
Learn about the UT Tyler online MBA with a concentration in Cyber Security program.
Have a question or concern about this article? Please contact us.