Customer security onlineTesco, Target, eBay, Office – all major retailers with a significant online presence and always seeking to understand what their customers want to buy, how they want to buy it, and what would make them buy more. The delivered retail experience and an intimate understanding of consumer psychology are where the retail battles are fought in 2014.

However, the latest eCustomerServiceIndex (eCSI)* survey from IMRG and eDigitalResearch revealed that more than half of the online shoppers surveyed asked for - not more loyalty cards, coupon schemes or just bigger discounts – but better online security.

Of course, all of the retailers mentioned above also have something else in common in that they have all recently been subject to security breaches involving customer payment cards or personal information.

The conclusion drawn from the findings by eDigitalResearch is as follows:

“Onus is very much on retailers to invest in and improve their security measures for their online customers – over two thirds (67%) expect organizations to contact them immediately (within 6 hours) by email or phone if security had been breached and it leads to a potential loss of data”

In other words, customers don’t just expect to be better protected but are savvy enough to appreciate that breaches can still happen even with appropriate security best practices in place, and are wanting contingency plans in place that allow them to be notified within the same business day in the event of a breach occurring.

It speaks of a very realistic view on cyber security and one that is encompassed not only by the PCI DSS (which online retailers should be operating in order to meet agreements with their banks and the payment card brands) but all other security best practice frameworks.

These principles should be mirrored within non-stop security management solutions, which help organizations ‘harden’ their IT systems to render them less prone to attack by removing all known vulnerabilities, and in addition, put in place intrusion detection functionality as a contingency.

In doing so, if a system is still breached despite all the defenses being enabled, the retailer would know that an attack has succeeded and ensure that other action can be taken to prevent the damage being any greater than it needs to be.

If you consider that the breach at Target was only acted on after it had been operational for two and a half weeks, but during that period, over 40 million payment card details were stolen and 70 million customers had their personally identifiable information compromised, you can see why the speed of detection is essential. If the 6-hour detection and notification deadline expected by customers had been met in this case, the damage would have been minimal, rather than catastrophic as it has been.

Retailers would do well to listen to customers’ expectations and pay heed to the lessons learned by their peers. The growing consumer awareness of online security will ultimately expose those organizations that fail to take online security seriously to significant repercussions of brand damage.



*eDigitalResearch’s and IMRG’s eCustomerServiceIndex



The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

Corporate Headquarters

6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)

[email protected]

United Kingdom

5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023

 [email protected]
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2024, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.