Cybercriminals are continuing to target retail businesses of every size and category. In 2021, the retail industry experienced 629 confirmed incidents and 241 breaches with confirmed data disclosures, according to Verizon’s 2022 Data Breach Investigations Report.1 These attacks came at a high cost to retailers. IBM Security’s Cost of a Data Breach Report 2022, which defines the retail industry as brick and mortar and e-commerce, put the average cost for retailers at $3.28 million.2
Protecting sensitive customer data is an ongoing process for retailers which requires careful planning. But with the right people, technology, and policies in place, you’re more likely to find and fix vulnerabilities, detect and thwart threats, and avert disaster. Getting there isn’t necessarily easy. There are a lot of factors to consider. Should you build a program internally or outsource it? What are the impacts to your business? What kind of insurance should you look for? These are complex questions to answer but you don’t have to do it alone. This eBook can help you cut through the clutter, complexity, and confusion.
In the next five chapters, we’ll explore the five key components of a sound cybersecurity framework for retailers based on the NIST Cybersecurity Framework.3 And we’ll cover industry best practices and solutions like risk management, incident response planning, and managed detection and response (MDR) — tools you can use to build out an effective, practical threat management strategy.