The Retailer Summer Edition 2022


HOW ZERO TRUST HELPS RETAILERS COMBAT THE SURGE IN RANSOMWARE

Keiron Holyome, VP UKI & Middle East, BlackBerry

Retailers encouraged to ‘trust nothing, verify everything’ in a bid to protect against increasing scale and sophistication of cyberattacks

By looking at the history of changes and challenges, particularly when

Ransomware in retail is arguably the closest the public gets to seeing the devastation of cyberattacks. One day everything at the local store is normal; the next, it can’t process card payments, restock shelves or perform even the simplest of automated tasks. One week, children are enjoying their favourite snacks; the next, the products are nowhere to be found on the shelves. It’s easy to imagine how financial and reputational loss can build if the effects of a ransomware attack run into weeks or months.

The retail industry’s growing dependence on data and connectivity makes it a lucrative target for cybercriminals. When held to ransom by cybercriminals, the loss of business, customer loyalty, and even livelihoods become a real possibility. Zero Trust security principles are the most secure means to manage access without sacrificing productivity across the organisation itself and the many components of the supply chain.

Thousands of entry points demand a zero-trust approach

Since retail networks are highly connected both internally and with their suppliers, an attack can start from a poorly protected endpoint, point of sale (POS) system or any one of thousands of connections along the supply chain. It is therefore essential for retailers to take a fully comprehensive view of their business and be aware of all entry routes as they consider how best to thwart cyberattacks.

Don’t be a victim - revise the attackers’ handbook for retail ransomware

Retail cyber teams must be on the lookout and prepare for new crime techniques deployed specifically for their environment. Retail POS systems continue to be a lucrative target as cardholder data flows between consumers and retailers. Access to such data should therefore be tied to job functions like managers. Equally, all endpoints through which it could be accessed should be carefully planned and monitored from a single console, helping to avoid vulnerabilities posed by gaps in responsibility and ownership.

Next, it is vital to check all system layers for hidden malware. Ideally, a team would do this on a regular basis. Without checks, some breaches could go unnoticed for months, hidden amid the multitude of layers of retail software used by any one organisation. During that time, hackers can quietly move around the network exploring the systems and setting up tactics to engineer the most effective attack possible.

Organisations should deploy a defense-in-depth approach to cybersecurity technologies to ensure no layer of the system goes unchecked. Ordinarily, this might take weeks or months, but with AI, machine learning and, when needed, the assistance of an outsourced managed services team, the job can take a fraction of the time. By sweeping the environment regularly, teams can detect any deviations from the norm, faster. Meanwhile, if a dormant threat is found, incident response teams can stop executions before they strike. This wealth of experience allows retailers to focus on key security initiatives, rather than spending time and valuable resources recovering from breaches or triaging endless alerts.

As retailers experience a sharp increase in the amount of data they’re using, they’re also seeing a growing number of endpoints benefitting shoppers’ experiences, such as smartphone apps and kiosks, which all expand the attack surface. It’s not only the customer-facing tech that’s vulnerable. The IoT-enabled warehouse, supply chain software, connected partners, or even the electric delivery van are all possible entry points for an attack. In fact, the software supply chain has been increasingly used as an attack vector across industries in recent years because the potential impact and spread of a supply chain attack can be far greater than targeting an individual victim. Once attackers are inside, they can access product, financial, and personal information on the business, its partners and customers. With so many potential ways to start an attack, it becomes a cybercriminal’s playground.

To address this, retailers need to implement a Zero Trust architecture which trusts nothing and continuously verifies everything. In Zero Trust security, no user can access anything until they prove who they are, that their access is authorised, and that they’re not acting maliciously. However, this continuous validation approach introduces a conflict with the uninterrupted, ‘Zero Touch’ experience that users crave.

Machine learning and predictive AI enable Zero Trust security mechanisms to block attacks while dynamically adapting security policy enforcement based on criteria like location, device handling, and other behavioural and contextual factors that can also protect against human error and well-intentioned security workarounds. Such tools can improve the user experience by minimising disruptions and the need to reauthenticate across multiple devices and applications unless warranted, providing the user with that Zero Touch experience in a Zero Trust environment.
