Trustwave SpiderLabs Uncovers Unique Cybersecurity Risks in Today's Tech Landscape. Learn More

Trustwave SpiderLabs Uncovers Unique Cybersecurity Risks in Today's Tech Landscape. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

How to Stay One Step Ahead of Retail Hackers

They are glorified in Hollywood as unbeatable masterminds, and ubiquitous in real-world headlines for bringing down household retail brands. No one doubts that hackers are the smart guys, but are they the smartest? Perhaps the better question is: Is it even possible to stay one step ahead of them in the fight against cybercrime?

It's a no-brainer why adversaries target retailers: They hold and process vast amounts of financial information about customers. Advisory firm Quocirca recently found that 70 percent of European merchants admit they've been targeted by attackers, with 45 percent of those attempts successful and a third of them resulting in data loss.

According to the 2015 Trustwave Global Security Report, 43 percent of our data breach investigation caseload were in the retail industry, including brick-and-mortar and e-commerce websites.

It isn't an unbeatable war though. Retailers can and do survive cybercrime. How did they get back to business as usual so fast? Because they were protected by intelligent systems developed by experts who knew how to outsmart the hackers.

Cybercrime fighters (the good guys in Hollywood movies) know how to think like the criminals, which is why they win more than they lose.

But how do ethical hackers develop solutions that can outsmart malware not yet seen. Specialist companies like Trustwave draw on first-hand experiences from the field. The unique research they have amassed - from examining billions of security events, tens of millions of web transactions, millions of network vulnerability scans, and thousands of penetration tests - builds an incredible picture of how hackers behave, and can reliably predict what they're likely to try next.

Look For Vulnerabilities Like a Hacker Would

It's one thing to know your enemy, but how well do you know your own system and processes, end to end? Hackers leverage that lack of big-picture understanding to their advantage. There's a good chance they already know your system better than you do if they've decided to target you.

Hackers are always looking for new ways to compromise systems, sometimes via unexpected channels. 98 percent of the applications we tested were vulnerable to an attack, with a median of 20 vulnerabilities found per application.

This is why it's critical that either your own staff, or an outside expert, looks at your system and processes for weaknesses in the same way a hacker would. This enables you to develop a strong, unified security strategy that is prepared for attack from every angle.

Adopt a Multi-Layered Defense Strategy

A unified, multi-layered strategy doesn't just build a firewall around your database. It goes much further to protect you and your customers from risk by considering every aspect of an attack. It will manage threats to your email security, network, website, applications and content, and will prevent and detect intrusion. It will minimize damage, maintain compliance and install a fast recovery procedure. Finally, it will guard every entrance, responding to threats instantly.

Remember, knowledge is power. The intelligence exists to outsmart the hackers over and over again, and the good guys can, and do, win.

Jane Dotensko is Trustwave marketing manager in EMEA. 

7192_e6a3dad0-5a16-4868-bcbc-4fd15a5bcfb8   

Latest Trustwave Blogs

Trustwave MailMarshal Unveils Major Upgrades to Combat New Email Security Threats

Trustwave MailMarshal will receive a massive upgrade on March 28 that will add four new levels of functionality, including an improved dashboard interface, the ability to detect and halt malicious QR...

Read More

Unveiling the Latest Ransomware Threats Targeting the Casino and Entertainment Industry

Anyone who has visited a casino knows these organizations go to a great deal of expense and physical effort to ensure their patrons do not cheat. Still, there is a large group of actors who are...

Read More

Third-Party Risk: How MDR Offers Relief as Security Threats Abound

While third-party products and services are crucial to everyday business operations for almost any company, they also present significant security concerns, as high-profile attacks including...

Read More