×
362
Fashion Jobs
PNB HOUSING
Area Sales Manager
Permanent · Thane
PNB HOUSING
Area Sales Manager
Permanent · Pune
JM FINANCIAL HOME LOANS LTD
Area Sales Manager - Home Loans
Permanent · Chennai
DANIEL WELLINGTON
IT Support Specialist
Permanent · MUMBAI
ADIDAS
Senior Manager, Ecommerce Campaign Operations, Apac
Permanent · GURUGRAM
MANPOWERGROUP SERVICES INDIA
Opening || Horeca Sales Manager || Kolkata
Permanent · Kolkata
DBS BANK
Hiring For Area Sales Manager - Gold Loan
Permanent · Karaikal
DBS BANK
Hiring For Area Sales Manager - Gold Loan
Permanent · Thiruvarur
DBS BANK
Hiring For Area Sales Manager - Gold Loan
Permanent · Tirunelveli
AVANTOR
Area Sales Manager- Lab Consumables
Permanent · Pune
ADIDAS
Manager Brand Activation Originals
Permanent · GURUGRAM
ZACH LIFESTYLE PVT. LTD.
Manager - Content & Social Media
Permanent · MUMBAI
MONALISA ELECTRONIC DESIGN CENTRE PRIVATE
Excellent Job Opportunity For Area Sales Manager- gt & mt
Permanent · Shimla
RRD
Associate Production Manager
Permanent · Chennai
GOKALDAS EXPORTS
Executive - Warehouse (Apparel / Garments Background)
Permanent · Bhopal
NEW ALFA INTERNATIONAL
Foundry Production Manager
Permanent · Dubai
MEDCIS PATHLABS
Medcis Pathlabs is Hiring For Pathology Area Sales Manager
Permanent · Visakhapatnam
PERFECT PUBLISHING SOLUTIONS
Area Sale Manager-b.Tech Fresher-German Mnc -Immediate Joining
Permanent · Bhubaneswar
PERFECT PUBLISHING SOLUTIONS
Area Sale Manager-Denmark Mnc - Medical Device or Hearing Aid
Permanent · Chennai
PEOPLE ALLIANCE WORKFORCE
Area Sales Manager - Cosmetics & Personal Care - Fmcg Industry
Permanent · Bhopal
DESAI ELECTRONICS
Manager Production
Permanent · Pune
PEOPLE ALLIANCE WORKFORCE
Area Sales Manager - Ophthalmic Segment/Ent- Pharma Industry
Permanent · Bengaluru
By
Reuters
Published
Feb 5, 2014
Reading time
4 minutes
Share
Download
Download the article
Print
Click here to print
Text size
aA+ aA-

US retailers face pressure to raise cybersecurity spending

By
Reuters
Published
Feb 5, 2014

NEW YORK, United States - Target Corp's decision to speed up a $100 million program to adopt the use of chip-enabled smart cards is just a drop in the bucket when it comes to what retailers need to do to defend themselves against future cyber attacks, according to security experts and IT service providers.

The pressure to boost security spending comes at a time when merchants are already spending millions to fend off online retailer Amazon.com and facing an October 2015 deadline set by payment networks Visa Inc and MasterCard Inc to accept new payment cards that store information on computer chips rather than on traditional magnetic stripes.

Target, the No. 3 U.S. retailer, said this week it hoped to finish upgrading its payment card network to the more secure "chip and PIN" standard by early 2015, some six months ahead of its previous plan.

The system, already widely used in Europe and Asia, can accommodate cards carrying tiny microprocessors, which makes it harder for cyber crooks to use stolen data.

U.S. retailers have been so focused on cutting costs and expanding their online presence in the past decade that they have not spent enough of their technology budgets on protecting customer data, security experts and IT service providers said.

While retail spending on overall technology was expected to rise 4 percent annually between 2012 and 2017, U.S. stores spend only roughly 2 percent of their tech budgets on security, with the bulk going to improving their e-commerce, technology advisory firm IDC Retail Insights said.

Unlike their peers in other industries, most retailers still focus on just meeting the basic standards set by the payment card industry rather than substantially beefing up safeguards against increasingly sophisticated attacks, security experts said.

"Retailers have to assume that they are constantly being targeted and actually constantly being penetrated," said Eddie Schwartz, a vice president at Verizon Enterprise Solutions, who urged retailers to take a more proactive approach.

Pressure from Congress, consumer groups and the banking industry following recent theft of customer data at Target, Neiman Marcus and others may be the turning point to get the retail industry to spend more on security, experts said.

For example, Dinesh Bajaj, the vice president of retail and logistics practice in Americas for Infosys Ltd, expects retailers to spend more in coming months on encrypting credit card data while storing it in multiple systems.

IDC Retail Insights expects spending by retailers in 2014 specifically for security in the United States to be $720.3 million, an increase of 5.7 percent from last year in part because of the recent breaches. Total tech spending by retailers this year is expected to hit $36.34 billion.

"It's clear that companies need to do a lot more, that they continue to make basic mistakes," Federal Trade Commission Chairwoman Edith Ramirez said at a hearing on Tuesday looking into massive data breaches at Target and Neiman that affected millions of shoppers.

LAGGING IN SECURITY SPENDING

Retailers spend 4 percent of their technology budgets on security, compared with 5.5 percent for banks and 5.6 percent for healthcare companies, according to technology research firm Gartner.

Security experts urged retailers to set up a non-competitive "collaboration space" where they can virtually meet to share best practices and real-time alerts about data breaches as their peers in telecoms, financial services, utilities, transportation and energy have done.

There are currently more than a dozen non-profit groups known as Information Sharing and Analysis Centers, or ISACs, that share real-time information about cyber threats and other emerging security risks.

"Having the tools and technology isn't enough in this day and age," Michael Kingston, Neiman's chief information officer, acknowledged while testifying before Congress on Tuesday. "It's often how you deploy this technologies and what else are you doing, which goes back to make sure we're sharing intelligence as much as we can."

Retailers including Wal-Mart Stores Inc, Home Depot Inc, Toys R Us, Sears Holding Corp, Walgreen Co , CVS Caremark Corp, Best Buy Co Inc, Macy's Inc and Neiman declined to share details of their spending on data security.

Target said it has invested "hundreds of millions of dollars" in cybersecurity but did not give the exact amount.

"Retail has small margins and wants to keep prices low, and so they have been slow to improve their systems," said retail industry IT consultant Cathy Hotka. But the imperative to do so is even greater given how much bolder and skilled hackers have become, she added.

Tom Litchford, vice president of retail technologies at the trade group National Retail Federation said merchants have made "significant" investments to classify and encrypt data and to train software developers and other staff.

But data show that retailers have traditionally spent proportionately less on security than other leading industries.

"They don't spend enough on isolating their payment card processing environment from the rest of their store networks and the public Internet," said Gartner analyst Avivah Litan. "This leaves their cardholder data environment open to security holes that the criminals punch through."

© Thomson Reuters 2023 All rights reserved.