Top 3 steps retailers can take to avoid downtime during high-volume holiday shopping
Holiday shoppers are largely housebound this year, meaning many consumers are doing most of their gift-buying online. We’re seeing record-breaking turnouts for virtual sales, with Cyber Monday
experiencing 30 percent growth year-over-year. Retailers are under an incredible amount of pressure to deliver an exceptional experience, even though many are likely dealing with volumes of online orders they’ve never had to handle before. Cybercriminals see this as a brilliant opportunity to execute ransomware campaigns, as any disruption can be detrimental to retailers during this season.
The fact of the matter is that retailers simply cannot afford any downtime right now, so they need to be more prepared than ever for the possibility that they could be targeted by a ransomware gang. In a recent survey, 45 percent of consumers reported that they would walk away from a retailer after a single cyber incident. With long-term customer loyalty on the line, these businesses must assess their competencies in thwarting cybercrime and ensure they have a solid business continuity and disaster recovery (BCDR) plan in place so they can recover quickly if they do fall victim to an attack.
Assessing the level of risk
The first step to getting prepared is understanding the organization’s level of risk. Retail IT teams should undertake a risk assessment to understand the threat landscape and feed that knowledge into their BCDR plan. This should include an analysis of the IT infrastructure both in and out of their control, like web or cloud services, and they should look for different points of failure that can lead to an intrusion, data loss, or downtime. During these exercises, IT teams should also work with different business units to identify and tier systems and applications by their criticality to the business. Then, they can implement objectives around how often these systems will be backed up and how fast they need to be recovered if there were to be an attack.
Once these steps are taken, it’s important to implement redundancy. For example, IT can duplicate servers, firewalls, and even entire sites, and data can be stored across multiple hard drives. Some organizations opt for a hybrid or multi-cloud model, too, where data and workloads are stored both on-premises and in the cloud, or on multiple clouds. The company needs to take what they’ve learned during the risk assessment and determine the best course of action for their environment, uptime needs, and budgetary concerns.
Fortifying data backups
Implementing a BCDR plan and determining how to make your IT environment redundant are must-do tasks, but cybercriminals are always innovating their tactics and finding new vulnerabilities and points of entry. They are also always thinking up new ways to solicit ransom payments – just over a year ago, the now retired Maze ransomware gang started to attack and threaten to publish data backups. This should be an especially scary thought for retailers, who must protect the loads of personally identifiable information they have on file from their customers. If this information were to be published, they could face regulatory fines as the attack would be categorized as a data breach.
To reduce the chance that they’ll fall victim to this kind of attack, they need to secure their backups with the same level of security as the rest of their IT environment. This means deeply integrating their cybersecurity and data protection tools and protocols to ensure backups are out of harm’s way. Cybersecurity software should be applied to scan backups and detect potential malicious activity. This will make it less likely that cybercriminals will be able to infiltrate and use this data as a bargaining tool during an attack, and retailers’ last line of defense will be safe.
Preparation is key to success
While the holiday shopping season is well underway, it’s not too late for retailers to make sure they don’t become the latest cyberattack headline. Conducting risk assessments and implementing updated security measures should always be done on an ongoing basis, as preparation is key to coming out of the other end of an attempted attack unscathed.
In addition to preparing on the technology front, retailers should also make sure they have a ransomware crisis team established, including C-suite leadership, directors of IT, department chiefs, and sales and public relations leadership. From there, it’s important to also define the roles and responsibilities of each crisis team member to ensure there’s a clear chain of command so the company’s response can be as efficient and seamless as possible -- even when tensions are running high. It’s also wise for these crisis leaders to invest in a cyber insurance policy, which can help cover the value of any data loss, data loss fees and fines, and other costs associated with a cyber incident. All this information should be clearly documented in the response plan so everyone is prepared and knows who to contact if an incident were to occur.
Cybercriminals are constantly adapting and changing their ransomware tactics to assure a pay out, so retail IT teams must continually remain nimble so they can try to stay a step ahead of the newest innovations in cybercrime. In assessing the organization’s competencies across these three areas - from understanding the intricacies of the IT environment to the documentation of a response plan -- retailers will be better able to continuously stand up to and thwart attempted cyberattacks.
Image Credit: Kamil Macniak / Shutterstock
Sam Roguine is Backup, Disaster Recovery and Ransomware Prevention Evangelist at Arcserve.