The holiday shopping season can make or break an online retailer. By doing things well, you can expect sales to surge and your customer base to grow throughout 2018. Do things poorly and you sacrifice many sales while cultivating a negative image for your brand. And if there’s one thing that can seriously damage your brand’s reputation, it’s cyberattacks and a cybersecurity breach.
With several high-profile cyberattacks in the news recently, shoppers are more cautious than ever about giving websites any confidential information. A survey of over 2,000 adults revealed that 44 percent are worried their credit card information will be stolen from a website, making it the single biggest source of anxiety surrounding holiday shopping.
The risk of cyberattacks is just as strong as the worry — an analysis of the 2016 holiday shopping season saw the number of attacks increase by 20.6 percent in November and December. To keep your customers safe (and your brand image intact), there are a few strategies to consider:
1. Review Your Protection
Hackers are both tenacious and observant. If any vulnerability exists in your network, they’ll find it. Spend some time reviewing your network environment looking for anything a hacker may be able to use to gain access to customer data. Also, be sure that all firewalls, antivirus logging programs, intrusion detection systems, and remote access portals are activated and optimized for maximum effect.
2. Get Serious About Authentication
One of the most common holiday season attacks is for cybercriminals to steal the VPN credentials of privileged users and use those to log in to databases and payment processing systems. That’s why authentication is essential and requires a multi-pronged approach. First, users on remote devices should be required to use multi-stage authentication. Second, they should be required to change their login credentials periodically to deter the most persistent hackers.
3. Watch Out for Phishing
Phishing remains one of the most common types of cyberattacks, mostly because it’s so successful — it often only takes one employee opening a bad email to affect your entire company’s security system. Instead of trying to tell a good email/link from a bad one, rely on intelligent gateway solutions that can automatically filter out the bad traffic and test anything that seems suspicious before the user clicks. Giving employees a refresher course about how to spot and avoid phishing emails also helps.
4. Patch Like Crazy
You need to patch every hole in your network and install every upgrade, but you may not have time before the holiday shopping season ramps up. Compile a list of the most common tactics, techniques, and procedures (TTPs) used by hackers over the past year. Then compare those attacks to your known weaknesses and focus on fixing the vulnerabilities that are most likely to be leveraged. Now that 54 percent of all retail traffic comes from mobile devices, online stores must get serious about securing mobile.
5. Put a Plan in Place
Avoiding attacks is essential. But sometimes even when you’re diligent about security, you’ll still get blindsided by a hacker. When that happens, all you can do is minimize the consequences of an attack, which requires advanced planning, preparation, and practice. Key members of your team should know exactly what to do the minute a breach is detected. Any attack that affects you is bad, but one that affects your customers is much worse.
Hackers view the holiday season with the same eager anticipation as online retailers. And all the work you are putting into attracting customers, they are also putting into their attack strategies. If you want this season to be as rewarding as possible, don’t for a second underestimate the risk.