*Reduce Card Fraud During the Holiday Season
As the holiday season approaches security experts are predicting a significant uptick in point-of-sale attacks. Josh Shaul, Vice President at security and forensics investigation firm Trustwave, says card breaches generally increase every holiday shopping season.
“We tend to see two spikes – one in December, likely those breaches that are detected quickly, and then another in February/March, those breaches that get detected on the typical 90-day timeline from intrusion to detection,” he says.
“We expect to see the same trend in 2014/2015. The holiday season drives a lot of credit card purchase activity, and forces the IT staff in the retail space to turn most of their attention to operations and closing out the year. Cybercriminals know this cycle well, and are set up to take advantage of it.”
So what can you do to avoid this anticipated uptick in card fraud?
Josh Shaul of Trustwave recommends retailers conduct more penetration testing at the start of the holiday sales rush and complete a year-end risk assessment to ensure no potential vulnerabilities have been overlooked.
“Fix what you can, and put mitigating technologies like Web app firewalls and secure Web gateways in place to fill the gaps,” he says.
“File integrity monitoring, and other endpoint-based protections can be a huge help in dealing with threats from malware, especially targeted malware that’s not widely known and isn’t detected by common anti-virus solutions.”
Trustwave have recently released their State of Risk Report for 2014 which identifies the most common points of deficiency across organisations, spanning geography and industry. It offers benchmarks by which IT and security professionals can compare their risk stance against their peers. The data also can be used to properly inform senior leadership about the largest threats they are facing and gaps that need filling. The report also presents actionable best practices and technology suggestions that practitioners can use to manage, assess and address these areas of common weakness. Click here to download the report.