CollectionsApr 25, 2025
Sylvie Looks to Water in New Sculptural Bridal Collection“Shell Auranova” is the next generation of the brand’s bridal line, featuring half-bezel engagement rings with bold and fluid designs.
SurveysAug 02, 2018
Report: US Retailers Are Top Targets for Data Breaches
According to the 2018 Thales Data Threat Report, U.S. retailers experienced twice as many IT security breaches than other retailers worldwide last year.
New York—A new report says that retailers in the United States are experiencing the most IT security breaches worldwide.
The retail edition of the 2018 Thales Data Threat Report based its findings on input from 100 senior retail IT security managers in the U.S. and 96 IT security managers from retailers in other countries to establish the state of IT security today.
It found that despite an increase in IT security spending—84 percent of U.S. retailers polled plan on upping their budgets this year, compared to 77 percent last year and 67 percent of international retailers this year—cyber-attackers are by and large staying one step ahead of companies.
Fifty percent of U.S. retailers surveyed said they experienced IT security breaches last year alone, compared to 19 percent in the 2017 report. Only 27 percent of global retailers, meanwhile, said they experienced a breach last year.
RELATED CONTENT: Saks, Lord & Taylor the Latest Hit by HackersSeventy-five percent of the respondents in the U.S. said they’ve experienced at least one breach, while 60 percent of global retailers said the same.
The retail industry, which is becoming increasingly digital, is a target for cyber attackers due to its high volume of credit card transactions. In fact, Thales says that overall, it’s the second most breached industry in the United States behind the federal government.
The results of the Thales study on IT security in retail mirror what the Jewelers Security Alliance found in its 2017 crime report. The JSA saw such a large uptick in cybercrime last year that for the first time ever, it broke the losses out separately.
The average dollar loss from cybercrime in the jewelry industry was $1.2 million last year, with JSA President John J. Kennedy calling it a “dangerous and growing crime trend.”
A Bad Investment
Despite the uptick in IT security budgets, the Thales report concluded that retailers are putting their money in places that even they recognize to be ineffective. what they themselves deem the most ineffective places.
Of available tools to battle security breaches, 91 percent of U.S. retailers said analysis and correlation tools are the most effective and 90 percent said data-in-motion— providing security for an e-mail in transit while it’s being sent, for example—is the second most effective weapon.
However, they indicated that their highest spending increases would go to endpoint/mobile defenses (77 percent), even though
they ranked this as the least effective security method. Only 57 percent of retailers plan to increase the budget for data-at rest (stored data) defense, and only 62 percent for data-in-motion defenses, despite these being more effective.
Where the Money Should Go
Thales asserts that tools like discovery/classification and encryption or tokenization are key to protecting against IT security breaches today.
Only 26 percent of U.S. retailers polled said they are implementing encryption in the cloud, compared with 30 percent of global retailers.
Fifty-two percent of U.S. respondents cited a lack of perceived need as the top reason for not devoting more resources to tools like encryption and tokenization, while 47 percent also cited impact on business performance and 46 percent were put off by its complexity.
In a past interview with National Jeweler, Kennedy offered a list of cybersecurity recommendations for jewelers specifically, some of which might involve hiring an IT firm.
They include: proper firewalls, up-to-date anti-virus software, the avoidance of “risky” internet sites and the training of staff on the types of mistakes that often let in hackers.
Staff need to be told, or reminded, not to open or click into unknown or suspicious emails, and to look carefully at emails from known parties for misspellings and other anomalies as emails addressed can be spoofed.
Thales said that retailers should “re-prioritize” their IT security toolsets, focusing on ones that offer service-based deployments, platforms and automation to reduce complexity while adding protection.
It also recommended that retailers go beyond national and international compliance measures and employ security tools like encryption and tokenization. Encryption needs to be applied to all platforms, not just desktop and laptop computers.
Specifically, Thales recommends encrypting the cloud, big data, data located within containers and IoT (interconnected devices with IP addresses).
It’s likely that compliance guidelines will one day mandate these practices, the report said, so retailers can benefit from getting a head start on them, hopefully avoiding data breaches in the process.
RELATED CONTENT: JSA: Smash-and-Grab Robberies, Cybercrime Up in 2017“Traditional endpoint and network security are no longer sufficient, particularly for heavy adopters of public cloud resources such as the U.S. retail sector,” the report said, especially with the expanding use of external cloud services like SaaS (software as a service), PaaS (platform as a service) and IaaS (infrastructure as a service).
Where the Money Should Go
Thales asserts that tools like discovery/classification and encryption or tokenization are key to protecting against IT security breaches today.
Only 26 percent of U.S. retailers polled said they are implementing encryption in the cloud, compared with 30 percent of global retailers.
Fifty-two percent of U.S. respondents cited a lack of perceived need as the top reason for not devoting more resources to tools like encryption and tokenization, while 47 percent also cited impact on business performance and 46 percent were put off by its complexity.
In a past interview with National Jeweler, Kennedy offered a list of cybersecurity recommendations for jewelers specifically, some of which might involve hiring an IT firm.
They include: proper firewalls, up-to-date anti-virus software, the avoidance of “risky” internet sites and the training of staff on the types of mistakes that often let in hackers.
Staff need to be told, or reminded, not to open or click into unknown or suspicious emails, and to look carefully at emails from known parties for misspellings and other anomalies as emails addressed can be spoofed.
Thales said that retailers should “re-prioritize” their IT security toolsets, focusing on ones that offer service-based deployments, platforms and automation to reduce complexity while adding protection.
It also recommended that retailers go beyond national and international compliance measures and employ security tools like encryption and tokenization. Encryption needs to be applied to all platforms, not just desktop and laptop computers.
Specifically, Thales recommends encrypting the cloud, big data, data located within containers and IoT (interconnected devices with IP addresses).
It’s likely that compliance guidelines will one day mandate these practices, the report said, so retailers can benefit from getting a head start on them, hopefully avoiding data breaches in the process.
More on Surveys
The Latest
FinancialsApr 25, 2025
Kering’s Jewelry Brands Persevere as Q1 Sales Sink 14%Boucheron and Pomellato performed well in an otherwise bleak quarter for Kering amid struggles at Gucci.
EditorsApr 25, 2025
Piece of the Week: Deborah Meyers Experience’s ‘The Birds’ EarringsDesigner Deborah Meyers created her birds from oxidized sterling silver, rose-cut diamond eyes, and Akoya Keshi pearl feathers.
Brought to you by
Emerging Jewelers Accelerator Program Announces Second Cohort of Aspiring Jewelry Entrepreneurs Six new retail businesses were selected for the 2025 program, which began in January.
SourcingApr 25, 2025
De Beers Sales, Production Fall in Q1 Amid UncertaintyThe company said it expects sightholders to remain “cautious” with their purchasing due to all the unknowns around the U.S. tariffs.
Weekly QuizApr 24, 2025
This Week’s QuizTest your jewelry news knowledge by answering these questions.
Supplier BulletinApr 24, 2025
Protect Your Customers and Your BusinessSponsored by the Gemological Institute of America
EditorsApr 24, 2025
Q&A: Wolf’s CEO Talks U.S. ExpansionSimon Wolf shares why the time was right to open a new office here, what he looks for in a retail partner, and why he loves U.S. consumers.
Brought to you by
Protect Your Customers and Your BusinessThe risk of laboratory-grown diamonds being falsely presented as natural diamonds presents a very significant danger to consumer trust.
IndependentsApr 24, 2025
Longtime Iowa Jeweler Herman Ginsberg Dies at 99 A third-generation jeweler, Ginsberg worked at his family’s store, Ginsberg Jewelers, from 1948 until his retirement in 2019.
FinancialsApr 24, 2025
Charles & Colvard Delisted From Nasdaq Due to NoncomplianceThe company failed to file its quarterly reports in a timely manner.
SourcingApr 24, 2025
Young Diamantaires Transition to NonprofitThe organization also announced its board of directors.
TrendsApr 24, 2025
Amanda’s Style File: So CharmingCharms may be tiny but with their small size comes endless layering possibilities, from bracelets to necklaces and earrings.
MajorsApr 23, 2025
Bulgari Doubles Size of Jewelry Factory in ItalyLocated in Valenza, the now 355,000-square-foot facility includes a new jewelry school that’s open to the public, Scuola Bulgari.
Events & AwardsApr 23, 2025
PDPaola Creative Director Wins FGI’s ‘Rising Star’ AwardPaola Sasplugas, co-founder of the Barcelona-based jewelry brand, received the Fine Jewelry Award.
AuctionsApr 23, 2025
Rare Custom Rolex Daytona Heads to AuctionA platinum Zenith-powered Daytona commissioned in the late ‘90s will headline Sotheby’s Important Watches sale in Geneva next month.
MajorsApr 23, 2025
David Yurman’s New Campaign Stars Carmelo Anthony, Jaylen BrownThe basketball stars wear men’s jewelry from the “Curb Chain” collection.
MajorsApr 22, 2025
Zales’ Rebrand Takes Playful Approach to Fine JewelryThe Signet Jewelers-owned retailer wants to encourage younger shoppers to wear fine jewelry every day, not just on special occasions.
AuctionsApr 22, 2025
Christie’s to Auction JAR Jewelry CollectionThe 21 pieces, all from a private collector, will be offered at its Magnificent Jewels auction next month.
ColumnistsApr 22, 2025
The PR Adviser: Building Buzz Through Word of MouthLilian Raji answers a question from a reader who is looking to grow her jewelry business but has a limited marketing budget.
GradingApr 22, 2025
Avi Levy Is GCAL By Sarine’s New Chief Growth OfficerGCAL by Sarine created the new role to sharpen the company’s focus on strategic partnerships and scalable expansion.
IndependentsApr 22, 2025
Brinker’s Jewelers Acquires Fellow IndependentThe Indiana jeweler has acquired Scottsdale Fine Jewelers in Scottsdale, Arizona.
Events & AwardsApr 21, 2025
An Exhibition Exploring the History of Cartier Is Now on Display“Cartier: Design, Craft, and Legacy” opened earlier this month at the Victoria and Albert Museum in London.
IndependentsApr 21, 2025
New York Jeweler to Close After 111 YearsVan Cott Jewelers in Vestal, New York, is hosting a going-out-of-business sale.
IndependentsApr 21, 2025
IJO Names New Director of Vendor Relations, Merchandise StrategyIndustry veteran Samantha Larson has held leadership roles at Borsheims, McTeigue & McClelland, Stuller, and Long’s Jewelers.
Events & AwardsApr 21, 2025
Jewelers of Louisiana, Mississippi Jewelers Association to Co-Host ConventionThe two organizations will hold the educational event together this fall in Mississippi.
Events & AwardsApr 18, 2025
Daymond John to Give Keynote at JCK Las VegasThe entrepreneur and “Shark Tank” star will share his top tips for success.
CollectionsApr 18, 2025
Piece of the Week: Dukachi’s ‘Easter Bread’ PendantThe Ukrainian brand’s new pendant is modeled after a traditional paska, a pastry often baked for Easter in Eastern European cultures.
