ColumnistsSep 05, 2025
Peter Smith: A Lasting Lesson From Maurice Tempelsman Smith recalls a bit of wisdom the industry leader, who died last week, shared at a diamond conference years ago.
SurveysAug 02, 2018
Report: US Retailers Are Top Targets for Data Breaches
According to the 2018 Thales Data Threat Report, U.S. retailers experienced twice as many IT security breaches than other retailers worldwide last year.
New York—A new report says that retailers in the United States are experiencing the most IT security breaches worldwide.
The retail edition of the 2018 Thales Data Threat Report based its findings on input from 100 senior retail IT security managers in the U.S. and 96 IT security managers from retailers in other countries to establish the state of IT security today.
It found that despite an increase in IT security spending—84 percent of U.S. retailers polled plan on upping their budgets this year, compared to 77 percent last year and 67 percent of international retailers this year—cyber-attackers are by and large staying one step ahead of companies.
Fifty percent of U.S. retailers surveyed said they experienced IT security breaches last year alone, compared to 19 percent in the 2017 report. Only 27 percent of global retailers, meanwhile, said they experienced a breach last year.
RELATED CONTENT: Saks, Lord & Taylor the Latest Hit by HackersSeventy-five percent of the respondents in the U.S. said they’ve experienced at least one breach, while 60 percent of global retailers said the same.
The retail industry, which is becoming increasingly digital, is a target for cyber attackers due to its high volume of credit card transactions. In fact, Thales says that overall, it’s the second most breached industry in the United States behind the federal government.
The results of the Thales study on IT security in retail mirror what the Jewelers Security Alliance found in its 2017 crime report. The JSA saw such a large uptick in cybercrime last year that for the first time ever, it broke the losses out separately.
The average dollar loss from cybercrime in the jewelry industry was $1.2 million last year, with JSA President John J. Kennedy calling it a “dangerous and growing crime trend.”
A Bad Investment
Despite the uptick in IT security budgets, the Thales report concluded that retailers are putting their money in places that even they recognize to be ineffective. what they themselves deem the most ineffective places.
Of available tools to battle security breaches, 91 percent of U.S. retailers said analysis and correlation tools are the most effective and 90 percent said data-in-motion— providing security for an e-mail in transit while it’s being sent, for example—is the second most effective weapon.
However, they indicated that their highest spending increases would go to endpoint/mobile defenses (77 percent), even though
they ranked this as the least effective security method. Only 57 percent of retailers plan to increase the budget for data-at rest (stored data) defense, and only 62 percent for data-in-motion defenses, despite these being more effective.
Where the Money Should Go
Thales asserts that tools like discovery/classification and encryption or tokenization are key to protecting against IT security breaches today.
Only 26 percent of U.S. retailers polled said they are implementing encryption in the cloud, compared with 30 percent of global retailers.
Fifty-two percent of U.S. respondents cited a lack of perceived need as the top reason for not devoting more resources to tools like encryption and tokenization, while 47 percent also cited impact on business performance and 46 percent were put off by its complexity.
In a past interview with National Jeweler, Kennedy offered a list of cybersecurity recommendations for jewelers specifically, some of which might involve hiring an IT firm.
They include: proper firewalls, up-to-date anti-virus software, the avoidance of “risky” internet sites and the training of staff on the types of mistakes that often let in hackers.
Staff need to be told, or reminded, not to open or click into unknown or suspicious emails, and to look carefully at emails from known parties for misspellings and other anomalies as emails addressed can be spoofed.
Thales said that retailers should “re-prioritize” their IT security toolsets, focusing on ones that offer service-based deployments, platforms and automation to reduce complexity while adding protection.
It also recommended that retailers go beyond national and international compliance measures and employ security tools like encryption and tokenization. Encryption needs to be applied to all platforms, not just desktop and laptop computers.
Specifically, Thales recommends encrypting the cloud, big data, data located within containers and IoT (interconnected devices with IP addresses).
It’s likely that compliance guidelines will one day mandate these practices, the report said, so retailers can benefit from getting a head start on them, hopefully avoiding data breaches in the process.
RELATED CONTENT: JSA: Smash-and-Grab Robberies, Cybercrime Up in 2017“Traditional endpoint and network security are no longer sufficient, particularly for heavy adopters of public cloud resources such as the U.S. retail sector,” the report said, especially with the expanding use of external cloud services like SaaS (software as a service), PaaS (platform as a service) and IaaS (infrastructure as a service).
Where the Money Should Go
Thales asserts that tools like discovery/classification and encryption or tokenization are key to protecting against IT security breaches today.
Only 26 percent of U.S. retailers polled said they are implementing encryption in the cloud, compared with 30 percent of global retailers.
Fifty-two percent of U.S. respondents cited a lack of perceived need as the top reason for not devoting more resources to tools like encryption and tokenization, while 47 percent also cited impact on business performance and 46 percent were put off by its complexity.
In a past interview with National Jeweler, Kennedy offered a list of cybersecurity recommendations for jewelers specifically, some of which might involve hiring an IT firm.
They include: proper firewalls, up-to-date anti-virus software, the avoidance of “risky” internet sites and the training of staff on the types of mistakes that often let in hackers.
Staff need to be told, or reminded, not to open or click into unknown or suspicious emails, and to look carefully at emails from known parties for misspellings and other anomalies as emails addressed can be spoofed.
Thales said that retailers should “re-prioritize” their IT security toolsets, focusing on ones that offer service-based deployments, platforms and automation to reduce complexity while adding protection.
It also recommended that retailers go beyond national and international compliance measures and employ security tools like encryption and tokenization. Encryption needs to be applied to all platforms, not just desktop and laptop computers.
Specifically, Thales recommends encrypting the cloud, big data, data located within containers and IoT (interconnected devices with IP addresses).
It’s likely that compliance guidelines will one day mandate these practices, the report said, so retailers can benefit from getting a head start on them, hopefully avoiding data breaches in the process.
More on Surveys
The Latest
CollectionsSep 05, 2025
Piece of the Week: Jamie Turner’s ‘Victoria’ Necklace The “Victoria” necklace features a labradorite hugged by diamond accents in 18-karat yellow gold.
Policies & IssuesSep 05, 2025
Trump Takes Tariffs Case to the Supreme Court Two lower courts have moved to block the import taxes, which will remain in place as the legal battle continues.
Brought to you by
Rallying Call for the Jewelry Industry on Tariffs and Other Key IssuesJewelers of America is leading the charge to protect the industry amidst rising economic threats.
WatchesSep 05, 2025
Patrick Mahomes Is the New Hublot Brand AmbassadorThe Kansas City Chiefs quarterback shares Hublot’s dedication to pursuing greatness, the Swiss watchmaker said.
Weekly QuizSep 04, 2025
This Week’s QuizTest your jewelry news knowledge by answering these questions.
SourcingSep 04, 2025
Lucara Unveils Unusual 37-Carat Pink DiamondThe Type IIa stone, recovered from Botswana’s Karowe diamond mine last month, features unique coloration.
Brought to you by
Taking the Moment Head On: How Rio Grande Champions the Present & Future of Fine JewelryAs a leading global jewelry supplier, Rio Grande is rapidly expanding and developing new solutions to meet the needs of jewelers worldwide.
Events & AwardsSep 04, 2025
27 Can’t-Miss Converge Sessions, Events From sunrise yoga to tariffs talks, these are some events to check out at the upcoming inaugural event.
WatchesSep 04, 2025
Breitling Takes Its NFL Game to the Next Level Breitling is now the NFL’s official timepiece partner, a move that puts the brand in front of the millions of Americans who watch football.
Events & AwardsSep 04, 2025
The NYC Jewelry, Antique, & Object Show Returns in NovemberNYCJAOS is set for Nov. 21-23 in New York City’s Chelsea neighborhood.
SourcingSep 03, 2025
Gemfields Confirms Completion of Fabergé SaleU.S.-based investment company SMG Capital LLC is the new owner of the luxury brand.
MajorsSep 03, 2025
These Are the Nearly 300 Claire’s Stores Set to CloseA new court filing details the locations of the stores that will close, as well as the 830 that will remain open.
MajorsSep 03, 2025
Stuller Releases 2 New Catalogs The new catalogs are “Tools, Equipment, & Metals” and “Findings & Metals.”
TrendsSep 03, 2025
Amanda’s Style File: A Perfect BirthstoneSapphire’s variety of colors make it the perfect birthstone for September.
FinancialsSep 02, 2025
Lab-Grown Diamonds, Lower-Priced Fashion Jewelry Drive Signet Jewelers’ Q2 SalesThe retailer has raised its guidance after seeing total sales increase 3 percent in the second quarter, beating expectations.
MajorsSep 02, 2025
Birks CEO Jean-Christophe Bédos Steps DownNiccolò Rossi di Montelera, executive chairman of the board, was appointed as interim CEO.
MajorsSep 02, 2025
Harry Winston Opens Its Largest Flagship in JapanThe three-floor space also features the jeweler’s largest VIP salon in Japan and offers an exclusive diamond pendant.
CollectionsSep 02, 2025
Stephanie Gottlieb Debuts Silver Designs in ‘All Hours’ CollabThe collection is a collaboration between Stephanie Gottlieb Fine Jewelry and Oak and Luna, focusing on understated essentials.
AuctionsAug 29, 2025
Sotheby’s UAE Sale to Feature 32-Carat Fancy Vivid Orangy Pink DiamondThe highlight of a single-owner jewelry and watch collection, it’s estimated to fetch up to $7 million at auction this December.
FinancialsAug 29, 2025
Movado’s Q2 Sales Rebound Despite Tariff ImpactCEO Efraim Grinberg noted a resurgence in the fashion watch market.
CollectionsAug 29, 2025
Piece of the Week: Mark Davis’ ‘Bullseye’ Necklace The “Bullseye” necklace, with vintage bakelite and peridot, August’s birthstone, is the perfect transitional piece as summer turns to fall.
Supplier BulletinAug 28, 2025
Clientbook Is Helping Jewelers Turn Clienteling Challenges into Wins with Hands-On Training and CoachingSponsored by Clientbook
GradingAug 28, 2025
GIA’s New ‘Quality Assessment’ for Lab-Grown Diamonds Is Coming It will classify lab-grown stones into one of two categories, “premium” or “standard,” in lieu of giving specific color and clarity grades.
SourcingAug 28, 2025
Botswana Declares Public Health Emergency Amid Diamond Sales SlumpPresident Duma Boko addressed the country’s medical supply chain crisis in a recent televised address.
MajorsAug 28, 2025
Borsheims Names New Jewelry BuyerFormer Free People buyer Afton Robertson-Kanne recently joined the retailer.
IndependentsAug 28, 2025
Sissy’s Log Cabin Donates School Supplies to Memphis StudentsThe jeweler teamed up with two local organizations for its inaugural “Back to School and Bling” event.
