Policies & IssuesJul 01, 2022
U.S. Expands Sanctions to Russian GoldThe U.K, Canada, and Japan have also banned the import of gold originating from Russia.
SurveysAug 02, 2018
Report: US Retailers Are Top Targets for Data Breaches
According to the 2018 Thales Data Threat Report, U.S. retailers experienced twice as many IT security breaches than other retailers worldwide last year.
New York—A new report says that retailers in the United States are experiencing the most IT security breaches worldwide.
The retail edition of the 2018 Thales Data Threat Report based its findings on input from 100 senior retail IT security managers in the U.S. and 96 IT security managers from retailers in other countries to establish the state of IT security today.
It found that despite an increase in IT security spending—84 percent of U.S. retailers polled plan on upping their budgets this year, compared to 77 percent last year and 67 percent of international retailers this year—cyber-attackers are by and large staying one step ahead of companies.
Fifty percent of U.S. retailers surveyed said they experienced IT security breaches last year alone, compared to 19 percent in the 2017 report. Only 27 percent of global retailers, meanwhile, said they experienced a breach last year.
RELATED CONTENT: Saks, Lord & Taylor the Latest Hit by HackersSeventy-five percent of the respondents in the U.S. said they’ve experienced at least one breach, while 60 percent of global retailers said the same.
The retail industry, which is becoming increasingly digital, is a target for cyber attackers due to its high volume of credit card transactions. In fact, Thales says that overall, it’s the second most breached industry in the United States behind the federal government.
The results of the Thales study on IT security in retail mirror what the Jewelers Security Alliance found in its 2017 crime report. The JSA saw such a large uptick in cybercrime last year that for the first time ever, it broke the losses out separately.
The average dollar loss from cybercrime in the jewelry industry was $1.2 million last year, with JSA President John J. Kennedy calling it a “dangerous and growing crime trend.”
A Bad Investment
Despite the uptick in IT security budgets, the Thales report concluded that retailers are putting their money in places that even they recognize to be ineffective. what they themselves deem the most ineffective places.
Of available tools to battle security breaches, 91 percent of U.S. retailers said analysis and correlation tools are the most effective and 90 percent said data-in-motion— providing security for an e-mail in transit while it’s being sent, for example—is the second most effective weapon.
However, they indicated that their highest spending increases would go to endpoint/mobile defenses (77 percent), even though
they ranked this as the least effective security method. Only 57 percent of retailers plan to increase the budget for data-at rest (stored data) defense, and only 62 percent for data-in-motion defenses, despite these being more effective.
Where the Money Should Go
Thales asserts that tools like discovery/classification and encryption or tokenization are key to protecting against IT security breaches today.
Only 26 percent of U.S. retailers polled said they are implementing encryption in the cloud, compared with 30 percent of global retailers.
Fifty-two percent of U.S. respondents cited a lack of perceived need as the top reason for not devoting more resources to tools like encryption and tokenization, while 47 percent also cited impact on business performance and 46 percent were put off by its complexity.
In a past interview with National Jeweler, Kennedy offered a list of cybersecurity recommendations for jewelers specifically, some of which might involve hiring an IT firm.
They include: proper firewalls, up-to-date anti-virus software, the avoidance of “risky” internet sites and the training of staff on the types of mistakes that often let in hackers.
Staff need to be told, or reminded, not to open or click into unknown or suspicious emails, and to look carefully at emails from known parties for misspellings and other anomalies as emails addressed can be spoofed.
Thales said that retailers should “re-prioritize” their IT security toolsets, focusing on ones that offer service-based deployments, platforms and automation to reduce complexity while adding protection.
It also recommended that retailers go beyond national and international compliance measures and employ security tools like encryption and tokenization. Encryption needs to be applied to all platforms, not just desktop and laptop computers.
Specifically, Thales recommends encrypting the cloud, big data, data located within containers and IoT (interconnected devices with IP addresses).
It’s likely that compliance guidelines will one day mandate these practices, the report said, so retailers can benefit from getting a head start on them, hopefully avoiding data breaches in the process.
RELATED CONTENT: JSA: Smash-and-Grab Robberies, Cybercrime Up in 2017“Traditional endpoint and network security are no longer sufficient, particularly for heavy adopters of public cloud resources such as the U.S. retail sector,” the report said, especially with the expanding use of external cloud services like SaaS (software as a service), PaaS (platform as a service) and IaaS (infrastructure as a service).
Where the Money Should Go
Thales asserts that tools like discovery/classification and encryption or tokenization are key to protecting against IT security breaches today.
Only 26 percent of U.S. retailers polled said they are implementing encryption in the cloud, compared with 30 percent of global retailers.
Fifty-two percent of U.S. respondents cited a lack of perceived need as the top reason for not devoting more resources to tools like encryption and tokenization, while 47 percent also cited impact on business performance and 46 percent were put off by its complexity.
In a past interview with National Jeweler, Kennedy offered a list of cybersecurity recommendations for jewelers specifically, some of which might involve hiring an IT firm.
They include: proper firewalls, up-to-date anti-virus software, the avoidance of “risky” internet sites and the training of staff on the types of mistakes that often let in hackers.
Staff need to be told, or reminded, not to open or click into unknown or suspicious emails, and to look carefully at emails from known parties for misspellings and other anomalies as emails addressed can be spoofed.
Thales said that retailers should “re-prioritize” their IT security toolsets, focusing on ones that offer service-based deployments, platforms and automation to reduce complexity while adding protection.
It also recommended that retailers go beyond national and international compliance measures and employ security tools like encryption and tokenization. Encryption needs to be applied to all platforms, not just desktop and laptop computers.
Specifically, Thales recommends encrypting the cloud, big data, data located within containers and IoT (interconnected devices with IP addresses).
It’s likely that compliance guidelines will one day mandate these practices, the report said, so retailers can benefit from getting a head start on them, hopefully avoiding data breaches in the process.
More on Surveys
The Latest
Recorded WebinarsJul 01, 2022
Watch: What to Know About Livestream ShoppingJewelry marketing expert Laryssa Wirstiuk shares her tips and tricks for hosting a livestream shopping session.
SourcingJul 01, 2022
De Beers, Botswana Extend Sales Agreement for Third TimeThe current agreement, originally set to expire in 2020, will now go through June 2023.
Brought to you by
Preparing for Proposal Season with High-Quality, A.I.-Graded Natural Diamonds Rare & Forever is helping to create an enjoyable diamond buying experience for the millions of newly-engaged couples.
CollectionsJul 01, 2022
Piece of the Week: Brent Neale x Edie Parker PendantThe brands have collaborated on a fine jewelry ode to cannabis.
Weekly QuizJun 30, 2022
This Week’s QuizTest your knowledge of the latest jewelry news with this quick test.
Supplier BulletinJun 30, 2022
Here’s Where You’ll Find The Best Online Jewelry AuctionsSponsored by HiBid
CrimeJun 30, 2022
What JSA’s Annual Report Tells Us About Jewelry Crime in 2021Plus, JSA President John Kennedy talks about the trajectory of industry crime over the last 20 years.
Brought to you by
Discover The Extraordinary Italian Jewelry In Las Vegas!Experience all the Italian Jewelry market has to offer in Las Vegas.
CrimeJun 30, 2022
Smash-and-Grab Robbers Hit Booth at TEFAF: Watch the VideoThe fair was evacuated temporarily Tuesday after four suspects smashed a showcase and stole jewelry from British jeweler Symbolic & Chase.
Events & AwardsJun 30, 2022
Nominations Are Open for Gem Awards 2023The 21st annual awards show and gala will take place in New York City next March.
Events & AwardsJun 30, 2022
Registration Open for JIS Fall in Miami The jewelry trade show is scheduled for Sept. 30-Oct. 3 at the Miami Beach Convention Center.
AuctionsJun 29, 2022
Bonhams Expands Again with Purchase of Paris Auction House It is the fifth acquisition under the ownership of private equity firm Epiris, which bought Bonhams in 2018.
MajorsJun 29, 2022
Zales Has a New Diamond CutThe “Celebration Infinite” diamond has more than three times the number of facets in a traditional brilliant-cut diamond, the retailer said.
WatchesJun 29, 2022
Bulova Introduces New Frank Sinatra WatchesThe brand again partnered with the Frank Sinatra School of the Arts High School to celebrate the launch of the “Summer Wind” watches.
Events & AwardsJun 29, 2022
Registration Is Now Open for the HardRock Summit 2022Scheduled for Sept. 8-11, the event will comprise more than 310,000 square feet of show floor, exhibits, and education space.
ColumnistsJun 28, 2022
The PR Adviser: Why Should Someone Buy From You?If you’re having trouble answering this question, columnist Lilian Raji can help you get a started with a few fill-in-the-blank statements.
IndependentsJun 28, 2022
This Jeweler Is Celebrating 40 Years With 40 Days of GiveawaysContinental Diamond in Minneapolis is awarding a total of $25,000 in prizes via daily sweepstakes.
CollectionsJun 28, 2022
Melissa Kaye’s New Collection Doubles the Color“Lenox” marks the designer’s foray into bespoke jewels and large colored gemstones.
Events & AwardsJun 28, 2022
Second AGS Virtual Education Conference Is All About Negotiation Skills“Confluence” is happening in August.
MajorsJun 27, 2022
George Holmes, Longtime Head Editor of JCK Magazine, Dies at 93 He first took a job at then Philadelphia-based Jewelers’ Circular-Keystone in 1963 and retired in 1996.
MajorsJun 27, 2022
Mayors, Analog:Shift Team Up With GoopThe lifestyle platform will stock fine jewelry and watches from the retailers on its website and in store.
CrimeJun 27, 2022
JSA Warns of ‘Pandemic’ of Distraction Thefts Nationwide It cited two recent cases in California, plus incidents in Florida, Kansas, and Illinois.
IndependentsJun 27, 2022
Lewis Jewelers Set to Open New Ann Arbor Store This SummerThe 10,000-square-foot location allows for expanded collections from design partners while continuing custom design and other services.
CollectionsJun 27, 2022
This Designer Has Found a New Way to Bring Gemstones to LifeSvetlana Lazar’s “Wishing Well” collection utilizes an innovative component to mimic the movement of water beneath them.
Recorded WebinarsJun 24, 2022
Vegas Jewelry Recap: The Editors Weigh InWatch the webinar in which National Jeweler’s editors talk about jewelry market week trends and their predictions for the rest of 2022.
MajorsJun 24, 2022
Banter by Piercing Pagoda Celebrates Pride with ‘SayGay’ NecklaceAll proceeds up to $25,000 will benefit the It Gets Better Project, a nonprofit that supports LGBTQ+ youth.
