MajorsJul 18, 2025
Lewis Heyman on Sourcing Gemstones, Post-Retirement PlansHe retired last month after 28 years traveling the world to source the very best gemstones for his family’s jewelry business, Oscar Heyman.
SurveysAug 02, 2018
Report: US Retailers Are Top Targets for Data Breaches
According to the 2018 Thales Data Threat Report, U.S. retailers experienced twice as many IT security breaches than other retailers worldwide last year.
New York—A new report says that retailers in the United States are experiencing the most IT security breaches worldwide.
The retail edition of the 2018 Thales Data Threat Report based its findings on input from 100 senior retail IT security managers in the U.S. and 96 IT security managers from retailers in other countries to establish the state of IT security today.
It found that despite an increase in IT security spending—84 percent of U.S. retailers polled plan on upping their budgets this year, compared to 77 percent last year and 67 percent of international retailers this year—cyber-attackers are by and large staying one step ahead of companies.
Fifty percent of U.S. retailers surveyed said they experienced IT security breaches last year alone, compared to 19 percent in the 2017 report. Only 27 percent of global retailers, meanwhile, said they experienced a breach last year.
RELATED CONTENT: Saks, Lord & Taylor the Latest Hit by HackersSeventy-five percent of the respondents in the U.S. said they’ve experienced at least one breach, while 60 percent of global retailers said the same.
The retail industry, which is becoming increasingly digital, is a target for cyber attackers due to its high volume of credit card transactions. In fact, Thales says that overall, it’s the second most breached industry in the United States behind the federal government.
The results of the Thales study on IT security in retail mirror what the Jewelers Security Alliance found in its 2017 crime report. The JSA saw such a large uptick in cybercrime last year that for the first time ever, it broke the losses out separately.
The average dollar loss from cybercrime in the jewelry industry was $1.2 million last year, with JSA President John J. Kennedy calling it a “dangerous and growing crime trend.”
A Bad Investment
Despite the uptick in IT security budgets, the Thales report concluded that retailers are putting their money in places that even they recognize to be ineffective. what they themselves deem the most ineffective places.
Of available tools to battle security breaches, 91 percent of U.S. retailers said analysis and correlation tools are the most effective and 90 percent said data-in-motion— providing security for an e-mail in transit while it’s being sent, for example—is the second most effective weapon.
However, they indicated that their highest spending increases would go to endpoint/mobile defenses (77 percent), even though
they ranked this as the least effective security method. Only 57 percent of retailers plan to increase the budget for data-at rest (stored data) defense, and only 62 percent for data-in-motion defenses, despite these being more effective.
Where the Money Should Go
Thales asserts that tools like discovery/classification and encryption or tokenization are key to protecting against IT security breaches today.
Only 26 percent of U.S. retailers polled said they are implementing encryption in the cloud, compared with 30 percent of global retailers.
Fifty-two percent of U.S. respondents cited a lack of perceived need as the top reason for not devoting more resources to tools like encryption and tokenization, while 47 percent also cited impact on business performance and 46 percent were put off by its complexity.
In a past interview with National Jeweler, Kennedy offered a list of cybersecurity recommendations for jewelers specifically, some of which might involve hiring an IT firm.
They include: proper firewalls, up-to-date anti-virus software, the avoidance of “risky” internet sites and the training of staff on the types of mistakes that often let in hackers.
Staff need to be told, or reminded, not to open or click into unknown or suspicious emails, and to look carefully at emails from known parties for misspellings and other anomalies as emails addressed can be spoofed.
Thales said that retailers should “re-prioritize” their IT security toolsets, focusing on ones that offer service-based deployments, platforms and automation to reduce complexity while adding protection.
It also recommended that retailers go beyond national and international compliance measures and employ security tools like encryption and tokenization. Encryption needs to be applied to all platforms, not just desktop and laptop computers.
Specifically, Thales recommends encrypting the cloud, big data, data located within containers and IoT (interconnected devices with IP addresses).
It’s likely that compliance guidelines will one day mandate these practices, the report said, so retailers can benefit from getting a head start on them, hopefully avoiding data breaches in the process.
RELATED CONTENT: JSA: Smash-and-Grab Robberies, Cybercrime Up in 2017“Traditional endpoint and network security are no longer sufficient, particularly for heavy adopters of public cloud resources such as the U.S. retail sector,” the report said, especially with the expanding use of external cloud services like SaaS (software as a service), PaaS (platform as a service) and IaaS (infrastructure as a service).
Where the Money Should Go
Thales asserts that tools like discovery/classification and encryption or tokenization are key to protecting against IT security breaches today.
Only 26 percent of U.S. retailers polled said they are implementing encryption in the cloud, compared with 30 percent of global retailers.
Fifty-two percent of U.S. respondents cited a lack of perceived need as the top reason for not devoting more resources to tools like encryption and tokenization, while 47 percent also cited impact on business performance and 46 percent were put off by its complexity.
In a past interview with National Jeweler, Kennedy offered a list of cybersecurity recommendations for jewelers specifically, some of which might involve hiring an IT firm.
They include: proper firewalls, up-to-date anti-virus software, the avoidance of “risky” internet sites and the training of staff on the types of mistakes that often let in hackers.
Staff need to be told, or reminded, not to open or click into unknown or suspicious emails, and to look carefully at emails from known parties for misspellings and other anomalies as emails addressed can be spoofed.
Thales said that retailers should “re-prioritize” their IT security toolsets, focusing on ones that offer service-based deployments, platforms and automation to reduce complexity while adding protection.
It also recommended that retailers go beyond national and international compliance measures and employ security tools like encryption and tokenization. Encryption needs to be applied to all platforms, not just desktop and laptop computers.
Specifically, Thales recommends encrypting the cloud, big data, data located within containers and IoT (interconnected devices with IP addresses).
It’s likely that compliance guidelines will one day mandate these practices, the report said, so retailers can benefit from getting a head start on them, hopefully avoiding data breaches in the process.
More on Surveys
The Latest
TrendsJul 18, 2025
Piece of the Week: CCWW Designs’ Shell Charm NecklaceThe charm necklace features six nautical charms of shells and coral that founder Christina Puchi collected on Florida’s beaches.
MajorsJul 18, 2025
Plumb Club Elects New Board MembersThe organization elected its youngest vice president as it looks to draw in fresh talent.
Brought to you by
Investing in the Next Generation of Bench JewelersThe Seymour & Evelyn Holtzman Bench Scholarship from Jewelers of America returns for a second year.
TechnologyJul 18, 2025
Brad Campbell, John Liebler Join Clientbook’s Executive Team Campbell joins the company as vice president of business development while Liebler is the new vice president of operations.
Weekly QuizJul 17, 2025
This Week’s QuizTest your jewelry news knowledge by answering these questions.
CollectionsJul 17, 2025
2026 Winter Olympic Medal Design Symbolizes UnityThe medals feature a split-texture design highlighting the Games’ first time being hosted by two cities and the athletes’ journeys.
Supplier BulletinJul 17, 2025
The INSTORE Jewelry Show 2025: Your Holiday Preparations, All Wrapped Up! Sponsored by The INSTORE Jewelry Show 2025
Brought to you by
Jewelers of America is Headed to Las Vegas for JCK 2025The countdown is on for the JCK Las Vegas Show and JA is pulling out all the stops.
IndependentsJul 17, 2025
Gina Ferranti of GiGi Ferranti Jewelry Dies at 59The Brooklyn-based jewelry designer is remembered as a true artist and a rare talent.
SourcingJul 17, 2025
Rio Tinto Names New CEO, Production Rises at DiavikProduction at the mine in Canada’s Northwest Territories topped 1 million carats in Q2, the third consecutive quarter of growth.
Events & AwardsJul 17, 2025
JA to Hold Learning Workshops This FallA new slate of Learning Workshops will take place in Oklahoma, Mississippi, and Georgia.
FinancialsJul 16, 2025
Richemont’s Jewelry Sales Up 7% in Q1It marks the third consecutive quarter of growth for Cartier, Van Cleef & Arpels, Buccellati, and Vhernier.
WatchesJul 16, 2025
The Top-Selling Rolex Models of the Last 15 Years, According to Bob’s Watches The reseller’s market trends report, based on its sales data, also shows exactly how much Rolex prices have jumped since 2010.
AuctionsJul 16, 2025
Christie’s To Honor Dinh Van With ExhibitionThe auction house will be hosting a retrospective paying tribute to jeweler Jean Dinh Van and his company’s 60th anniversary.
IndependentsJul 16, 2025
Clyde Duneier Ushers In Fourth GenerationJake Duneier and Danielle Duneier-Goldberg have stepped into the roles of CEO and president, respectively.
CollectionsJul 15, 2025
Boucheron’s New High Jewelry Calls Attention to Nature’s ImpermanenceThe “Impermanence” collection contemplates nature through the Japanese art of Ikebana (flower arranging) and philosophy of wabi-sabi.
MajorsJul 15, 2025
James Avery Expands to 2 More StatesThe Texas-based jewelry retailer has set up shop in Tennessee and Arizona.
Events & AwardsJul 15, 2025
Neiman Marcus Vet Joins Couture as Brand Director Eric Ford will step into the role, bringing with him decades of experience.
MajorsJul 15, 2025
Ben Bridge Jeweler Acquires Olympic ManufacturingIn addition to improved capabilities, the acquisition will allow the jeweler to offer support to other independent jewelers.
CollectionsJul 15, 2025
Guzema Debuts First Colored Gemstone JewelryThe “Celestial Blue” capsule collection campaign features Olympian Kateryna Sadurska.
MajorsJul 14, 2025
Nanis Opens First StoreThe seasonal store, located in Mykonos, Greece, offers exclusive events, personal styling, and curated experiences.
IndependentsJul 14, 2025
It’s the Summer of Love at Long’s JewelersThe New England jeweler is hosting a bridal event for the month of August.
SourcingJul 14, 2025
Ethical Gem Fair Heads to SeattleThe trade-only event will host its debut fair in the Emerald City later this month.
Events & AwardsJul 11, 2025
The Edge’s Annual Conference Returns in SeptemberIts sessions will focus on inventory strategies, staff performance, retention and acquisition, emerging market trends, and more.
CollectionsJul 11, 2025
Piece of the Week: Miseno’s ‘Arco’ EarringsFor its 10th anniversary, Miseno designed the “Arco” earrings based on the Arco Felice, an arch conceptualized in A.D. 95 in Miseno, Italy.
Policies & IssuesJul 11, 2025
James Avery to Donate $1M to Texas Hill Country Relief EffortsThe jewelry company is one of several contributing to relief efforts in the region after the recent floods.
TrendsJul 11, 2025
Kelly Osbourne’s Engagement Ring Is Sweet as HoneyInspired by fiancé Sid Wilson’s nickname for her, the white and yellow diamond ring features a unique honeycomb design.
