Page 14 - GS161201
P. 14
News
requires minimal integration and limited behavioral "Historically, small and mid-sized businesses have been
changes, which places the company in an exciting position singularly focused on cost factors when considering
to capitalize on the mobile cash transition." new point-of-sale technologies; things like the customer
experience and enhanced security functionality were
Lawrence further stated the mobile cash market could simply not part of the conversation," said Chris Bucolo,
exceed 10 billion transactions a year. "Mobile cash Director of Market Strategy at ControlScan. "But all that's
represents a more simple, secure, and convenient way to begun to change as consumers become more vocal about
access cash and never exposes customers to lost, stolen or what they consider a positive shopping experience."
compromised cards," he said.
The most effective way to reduce cyber risks is to focus
It's always Cyber Monday on the most valued assets and the people who interact
with them, Bay Dynamics analysts stated. "Organizations
for security pros should identify where their most valued assets exist,
who accesses them, how they access them and who
A s retailers brace for the holiday shopping governs those assets," they wrote. "No matter the types
crunch, the 2016 Pre-Holiday Retail Cyber Risk of employee, whether they are permanent, temporary or
Report, dated Nov. 28, 2016 and published by contractors, only those who must access valued assets to
Bay Dynamics, found that most security spe- do their jobs should be given access."
cialists take a business-as-usual approach to peak retail
season. Findings are based on an independent survey Encouraging trends
conducted by Osterman Research Inc. of 134 security pro-
fessionals at U.S. retailers with 2,000 or more employees. Michael Osterman, Principal Analyst with Osterman
Research found improved threat detection and response
Merchants tend to hire seasonal workers during times among IT and security professionals, compared
high-peak traffic times, which can pose risks to their with previously published findings in the 2015 Pre-Holiday
businesses, survey analysts noted. The survey questioned Retail Cyber Risk Report. "Most are patching their systems
how information technology (IT) professionals share quickly, monitoring employee behavior more closely
information among permanent, temporary and contracted and limiting access to sensitive information, but there is
workers, as well as response mechanisms to perceived definitely still room for improvement," he said.
cyber intrusions and threats.
Following are additional takeaways from the Bay
Ryan Stolte, co-founder and Chief Technology Officer at Dynamics report:
Bay Dynamics said key differences between the 2015 and
2016 reports highlight changing attitudes among leading • Always-on vigilance: 56 percent of respondents
U.S. retailers. The study shows that many organizations treat security as a year-round event; their degree
have formalized their approaches to risk management and of vigilance remains constant, with no significant
cybersecurity. changes during the holiday season.
"They view cyber security as a year-round commitment • Increased employee oversight: 30 percent of IT
and therefore are limiting access to sensitive information professionals reported their permanent employees
for those workers who do not have their own accounts," had access to privileged data, up from 7 percent in
Stolte said. "They have more visibility into their employees' the 2015 report.
actions, especially permanent employees who access
highly valued data assets. Cyber security is no longer • Limiting access by temporary workers: 64 percent
being put on the back burner, and that's a positive shift." of respondents said they try to restrict temporary
workers' access to data. The 36 percent who give
Security a top concern them access to their own accounts are doing a better
job of monitoring temporary workers.
In a recent survey of small business owners by
cybersecurity firm ControlScan Inc. and the Electronic • Restricting access across the board: 6 percent of IT
Transactions Association, 89 percent of respondents said and security professionals give temporary workers
security was a top concern. When asked for three top
factors that would confirm they had invested in the right Historically, small and mid-sized businesses
payment technology, the leading response was "improved have been singularly focused on cost
transaction security," followed by "improved customer
experience" and "ease of implementation." factors when considering new point-of-sale
technologies; things like the customer
experience and enhanced security functionality
were simply not part of the conversation.
? Chris Bucolo, ControlScan Inc.
14
