This week's blog post is similar to last weeks - with a focus on cyber security policies and procedures. The Retail Industry Leader's Association (RILA) has their own cyber security and data privacy initiative which seeks to educate and advise retailers in preventing attacks, enhance existing privacy and cyber security efforts, inform the public dialogue, and build & maintain consumer trust.
Some of the highlights in the initiative include extending the dialogue to the systems 'outside' the retail control - like banks and card issuers to improve payments security. In particular, RILA would like the industry to move towards Universal PIN security, chip-based smart cards (i.e. EMV Chip Cards), and elimination of the mag stripe. Updating these systems would ensure better secure transactions at retail locations. I also believe this conversation needs to extend to the companies providing POS software and hardware to retailers. Every angle has to be accounted for if you are actively preventing cyber attacks.
As RILA points out:
"Unlike attacks on non-consumer facing industries that seek proprietary
corporate information, cyber attacks on retailers are aimed at sensitive
consumer financial data that can be used for financial gain. The number of those
potentially affected in a successful attack is staggeringly high. Such a breach
can affect consumers’ faith in the system and can damage the relationship that
all retailers seek to build with their customers."
- Angie
No comments:
Post a Comment