Customer security onlineTesco, Target, eBay, Office – all major retailers with a significant online presence and always seeking to understand what their customers want to buy, how they want to buy it, and what would make them buy more. The delivered retail experience and an intimate understanding of consumer psychology are where the retail battles are fought in 2014.

However, the latest eCustomerServiceIndex (eCSI)* survey from IMRG and eDigitalResearch revealed that more than half of the online shoppers surveyed asked for - not more loyalty cards, coupon schemes or just bigger discounts – but better online security.

Of course, all of the retailers mentioned above also have something else in common in that they have all recently been subject to security breaches involving customer payment cards or personal information.

The conclusion drawn from the findings by eDigitalResearch is as follows:

“Onus is very much on retailers to invest in and improve their security measures for their online customers – over two thirds (67%) expect organizations to contact them immediately (within 6 hours) by email or phone if security had been breached and it leads to a potential loss of data”

In other words, customers don’t just expect to be better protected but are savvy enough to appreciate that breaches can still happen even with appropriate security best practices in place, and are wanting contingency plans in place that allow them to be notified within the same business day in the event of a breach occurring.

It speaks of a very realistic view on cyber security and one that is encompassed not only by the PCI DSS (which online retailers should be operating in order to meet agreements with their banks and the payment card brands) but all other security best practice frameworks.

These principles should be mirrored within non-stop security management solutions, which help organizations ‘harden’ their IT systems to render them less prone to attack by removing all known vulnerabilities, and in addition, put in place intrusion detection functionality as a contingency.

In doing so, if a system is still breached despite all the defenses being enabled, the retailer would know that an attack has succeeded and ensure that other action can be taken to prevent the damage being any greater than it needs to be.

If you consider that the breach at Target was only acted on after it had been operational for two and a half weeks, but during that period, over 40 million payment card details were stolen and 70 million customers had their personally identifiable information compromised, you can see why the speed of detection is essential. If the 6-hour detection and notification deadline expected by customers had been met in this case, the damage would have been minimal, rather than catastrophic as it has been.

Retailers would do well to listen to customers’ expectations and pay heed to the lessons learned by their peers. The growing consumer awareness of online security will ultimately expose those organizations that fail to take online security seriously to significant repercussions of brand damage.



*eDigitalResearch’s and IMRG’s eCustomerServiceIndex



NNT Suite of Products

change tracker gen7r2 logo

Combine industry leading Device Hardening, File Integrity Monitoring, Change Control, Configuration Management & Compliance Management into one easy to use solution that can scale to the most demanding environments!

fastcloud logo

Automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology) Integrity Assurance.

log tracker logo logo

Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds.

vulnerability tracker logo

Continuously scan and identify vulnerabilities with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

USA Offices
New Net Technologies LLC
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
1175 Peachtree St NE
Atlanta, Georgia, 30361.
4145 SW Watson, Suite 350
Beaverton, Oregon, 97005.

Tel: (844) 898-8358
email [email protected]
UK Office
New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire

Tel: 01582 287310
email [email protected]
CIS benchmarking SEWP Cybersecurity 500Sans Institute Now Certified
Copyright 2019, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.