As we approach the busy retail weekend, dubbed Black Friday and Cyber Monday (28 November and 1 December respectively), with anticipated online sales growth this year of between 8% and 11%, many retailers will 'freeze' all critical transaction and other supporting systems in an effort to avoid system outages.
However, given that the last 12 months have seen an unprecedented number of breaches, up 26.9% from 2013, with retailers uppermost in the criminals' sights, Tenable Network Security asks if retailers' security practices should be on the 'naughty list' this December:
Cyber Monday 2013, the busier of the two days, saw:
an 18% increase in sales via desktop computers
$400 million spent via a mobile or tablet device
73.7% paid for purchases with either a credit or debit card
Meanwhile, breaches in 2014 were more expensive:
an average $246 per compromised record
Retail spend on security actually decreased slightly:
2013 = $4.3 million; 2014 = $4.1 million
Retailers are struggling with PCI DSS requirements:
just 11.1% were compliant with all 12 requirements in 2013
but it was an improvement on 2012 when just 7.5% achieved this
compliance with requirement 11, 'regularly test security systems and processes', was up from 11.3% in 2012 to 40% in 2013.
In fact, 12.2% of organisations that suffered a breach were compliant with requirement 11!