Keeper Security has released the findings of its 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses survey. The findings revealed that almost 3 out of 4 retailers have already fallen victim to cybercriminals and that over 50% of these companies are yet to come up with a sufficient defense strategy.
The study, which evaluated an excess of 2000 IT and IT security professionals, with 239 of them from the retail sector, found that budget was the top concern for retailers. Only 1 out of 3 retailers believed they have the budget to adequately protect themselves, with 93% of the retailers spending roughly less than 20% of their overall IT budget on IT security.
Other factors or challenges that were preventing fully effective security posture included a lack of understanding of how to sufficiently safeguard themselves from cyberattacks, and insufficient personnel, according to the respondents of the study.
Darren Guccione, CEO and Co-founder of Keeper Security explains, “There are billions of stolen credentials on the dark web, and cybercriminals can wait for months for prime opportunities like peak online shopping season to exploit retailers’ security vulnerabilities and make illegal purchases, The reality is, the cybersecurity problems facing the retail industry are not problems of money or personnel, but of mindset. Retailers need to know there are easily implementable, cost-effective security solutions that can greatly bolster their security posture and largely prevent such cybercrime from happening.”
According to Keeper Security, an average attack, which targets customer or employee data generally results in 7,772 stolen records, amounting to an average loss of $1.9 million due to the disruption. Keeper Security is encouraging retailers to take urgent steps to protect their sites from cybercriminals, by educating staff on the best security practices, enforcing strong login credentials and multi-factor authentication and regularly conducting security audits.
Keeper Security launched a dark web monitoring tool in 2018, designed to monitor the dark web for users’ hacked information. BreachWatch allows the user to be notified in real-time, if their details have been part of a breach. The app then prompts the user to update their credentials for the breached website.