- With store closings during the pandemic, many retailers, restaurants, and service providers acted fast to boost their digital presence. Some launched eCommerce for the first time. Others expanded to include mobile apps and new online options.
- Customers love the added digital convenience. However, the rapid shift created a perilous situation when it comes to cybersecurity. Now, companies must adopt the right security measures to ensure customers feel safe and confident during the entire shopping journey, which includes payment and fulfillment.
How big of a problem is cybercrime?
Digital reliance during the pandemic has driven cybercrime up 600%.1
Companies need constant vigilance to protect against new attacks and increasingly sophisticated criminals.
Some of the cyber threats that occur most often include:
- Account takeovers: A popular method used by attackers to gain access and control customer and business data.
- Third-party compromises: Where intruders obtain access to supplier systems, partners, or vendors so they can infiltrate your systems.
- Ransomware: These incidents are becoming more prevalent and sophisticated, often involving theft (or threat of theft) of Personally Identifiable Information about organizations and their customers. In fact, a ransomware attack occurs every 10 seconds.2
How does cybercrime impact customer trust?
In digital commerce, customer data is everywhere. For the most part, online shoppers understand the risks. Often, they are even eager to share their data in exchange for more frictionless, personalized experiences.
But this give-and-take only comes with trust. Every interaction is an opportunity to build a stronger relationship with your customer — or lose their trust.
If your customer worries about sharing information, doesn’t trust your security or finds your site has been down from an attack — that’s friction. Remember, your customer expects you to deliver a secure and frictionless experience. Or they’ll find another business that does.
How can you adapt to new cybersecurity requirements?
Cybercrime and customer data privacy regulations are here to stay. To adapt, companies must take a fresh approach to protect their digital business across four areas:
- Anticipate: Start by understanding how your Digital Commerce ecosystem may be susceptible to cyberattacks — including vulnerabilities in specific software or cloud infrastructure, partner integration, control of customer access, and system management and monitoring. You can leverage automation to prioritize items to investigate, proactively block cyberattacks, and modify the system or user access.
- Protect: Start by protecting your web applications (as well as integrated systems from third parties or business partners) from risk and vulnerability. Also, look closer at your internal use of resources, and confirm only the right users have the appropriate access. Ensure all users participate in security awareness training, especially executives who are often targets of social engineering attacks.
- Monitor: Identify your business-critical systems and monitor network traffic, user behavior, application/data access, and any other critical control points for suspicious activity or policy violations. Leverage automation to identify patterns and anomalies while eliminating false positives. Consider engaging a Cybersecurity Service Provider with specialized Digital Commerce knowledge and experience.
- Respond: When an indicator of compromise is suspected or discovered, it is critical to respond immediately. Many organizations require help from a specialized breach investigation and recovery firm to ensure all attack points are secured and that no evidence or data leakage and/or privacy breach is found. Working with industry experts can ensure the correct information is disclosed and proper remediation steps are followed.
Where can you get help?
Staying on top of all four steps is a tall task, so companies often hire third-party experts for some (or all) of their cybersecurity needs.
Organizations either need to hire, train, and maintain a team of experts to implement their security practice — or find a strong partner that understands their cybersecurity needs.
Many organizations choose to focus resources on their core business and turn to traditional Managed Security Service Providers (MSSPs) to manage and monitor their security infrastructure, including devices and systems. MSSPs typically provide services such as intrusion protection, firewall management, vulnerability scanning, and anti-virus services.
What are some risks to consider?
While MSSPs give organizations additional peace of mind in the fight against cyber threats, they often lack contextual awareness of the industry-specific threats their clients need protection against.
The lack of industry focus results in a visibility gap pertaining to specific threats and risks faced by their customers. This is one factor in the persistence of cyber breaches across multiple industries.
Meet a solution for the modern era of cybersecurity
Today’s businesses need more focus on cybersecurity from their Digital Commerce partner. They need a partner that understands the industry-specific cybersecurity needs of the digital commerce space.
That’s where Pivotree is different:
- As a commerce-focused company, Pivotree delivers domain-specific expertise and visibility.
- We are uniquely positioned to fully manage the risks, compliance, and governance of your Digital Commerce ecosystem (applications, cloud services, user access, etc.).
- Pivotree’s Cybersecurity solutions make use of highly automated techniques to proactively manage cyber threats — and in many cases, prevent breaches before they occur.
- We offer a foundational solution for holistic cybersecurity: Pivotree Cybersecurity Watch.
How does Pivotree Cybersecurity Watch work?
Watch leverages best-in-breed technologies — combined with a team of security experts at Pivotree — to understand, protect and defend your digital business against evolving cyber threats.
To learn more, join Pivotree on October 26th for a webinar to discuss The Foundations of Cybersecurity for Digital Commerce. We invite you to register now.
- The Latest: UN warns cybercrime on rise during pandemic, The Associated Press, May 23, 2020, https://abcnews.go.com/Health/wireStory/latest-india-reports-largest-single-day-virus-spike-70826542.
- Muncaster, Phil, One Ransomware Victim Every 10 Seconds in 2020, February 25, 2021, https://www.infosecurity-magazine.com/news/one-ransomware-victim-every-10/.