Retailers aren't spending on the right areas to protect data

The retail sector has been the subject of some of the most high profile data breaches in recent years. Add to this the willingness of customers to switch allegiance in the event of a breach and it's clear the industry needs to take security seriously.

A new survey from enterprise data protection specialist Vormetric in conjunction with 451 Research focuses on retail companies, detailing IT security spending plans, perceptions of threats to data, rates of data breach failures and data security stances.

Among the findings are that 89 percent of IT executives feel vulnerable to data threats and 51 percent have already experienced a data breach, with more than one in five (21 percent) indicating a breach in the last year.

Retailers are making efforts to protect their systems, though the findings show their efforts may not be directed in the right place. Spending to protect data is increasing fastest in areas that have been shown to be ineffective at guarding against multi-stage attacks. Network defenses (65 percent) and endpoint and mobile device defenses (58 percent) see the highest increase in spending, while approaches like data-at-rest defenses, that have been proven to be effective at protecting data after perimeter defenses have been bypassed, are at the bottom (48 percent). One bit of good news is that 44 percent are increasing spending on data-at-rest defenses this year.

At 55 percent, protecting reputation and brand was the top IT security spending priority, followed closely by meeting compliance requirements at 49 percent. Preventing data breaches was the lowest priority, named by only 31 percent. Complexity at 61 percent is identified as the top barrier to adoption of better data security.

"With frequent, high profile data breaches occurring, it seems a complete miss that preventing them is at the bottom of a retailer's IT security spending priority list," says Tina Stewart, vice president of marketing for Vormetric. "Surprisingly, they are also failing to connect the dots about the best solutions to use. With tremendous sets of detailed customer behavior and personal information in their custody, and with retailers a prime target for hackers, we'd expect to see more investments in data security, than in less than fully effective tools like network and anti-virus security".

You can see more details of the findings in the full report which can be downloaded from the Vormetric website.

Image credit: Norebbo/Shutterstock