Policies & IssuesNov 04, 2025
Supreme Court to Hear Tariffs Case WednesdayAhead of the hearing, two industry organizations co-signed an amicus brief urging the court to declare Trump’s tariffs unlawful.
SurveysAug 02, 2018
Report: US Retailers Are Top Targets for Data Breaches
According to the 2018 Thales Data Threat Report, U.S. retailers experienced twice as many IT security breaches than other retailers worldwide last year.
New York—A new report says that retailers in the United States are experiencing the most IT security breaches worldwide.
The retail edition of the 2018 Thales Data Threat Report based its findings on input from 100 senior retail IT security managers in the U.S. and 96 IT security managers from retailers in other countries to establish the state of IT security today.
It found that despite an increase in IT security spending—84 percent of U.S. retailers polled plan on upping their budgets this year, compared to 77 percent last year and 67 percent of international retailers this year—cyber-attackers are by and large staying one step ahead of companies.
Fifty percent of U.S. retailers surveyed said they experienced IT security breaches last year alone, compared to 19 percent in the 2017 report. Only 27 percent of global retailers, meanwhile, said they experienced a breach last year.
RELATED CONTENT: Saks, Lord & Taylor the Latest Hit by HackersSeventy-five percent of the respondents in the U.S. said they’ve experienced at least one breach, while 60 percent of global retailers said the same.
The retail industry, which is becoming increasingly digital, is a target for cyber attackers due to its high volume of credit card transactions. In fact, Thales says that overall, it’s the second most breached industry in the United States behind the federal government.
The results of the Thales study on IT security in retail mirror what the Jewelers Security Alliance found in its 2017 crime report. The JSA saw such a large uptick in cybercrime last year that for the first time ever, it broke the losses out separately.
The average dollar loss from cybercrime in the jewelry industry was $1.2 million last year, with JSA President John J. Kennedy calling it a “dangerous and growing crime trend.”
A Bad Investment
Despite the uptick in IT security budgets, the Thales report concluded that retailers are putting their money in places that even they recognize to be ineffective. what they themselves deem the most ineffective places.
Of available tools to battle security breaches, 91 percent of U.S. retailers said analysis and correlation tools are the most effective and 90 percent said data-in-motion— providing security for an e-mail in transit while it’s being sent, for example—is the second most effective weapon.
However, they indicated that their highest spending increases would go to endpoint/mobile defenses (77 percent), even though
they ranked this as the least effective security method. Only 57 percent of retailers plan to increase the budget for data-at rest (stored data) defense, and only 62 percent for data-in-motion defenses, despite these being more effective.
Where the Money Should Go
Thales asserts that tools like discovery/classification and encryption or tokenization are key to protecting against IT security breaches today.
Only 26 percent of U.S. retailers polled said they are implementing encryption in the cloud, compared with 30 percent of global retailers.
Fifty-two percent of U.S. respondents cited a lack of perceived need as the top reason for not devoting more resources to tools like encryption and tokenization, while 47 percent also cited impact on business performance and 46 percent were put off by its complexity.
In a past interview with National Jeweler, Kennedy offered a list of cybersecurity recommendations for jewelers specifically, some of which might involve hiring an IT firm.
They include: proper firewalls, up-to-date anti-virus software, the avoidance of “risky” internet sites and the training of staff on the types of mistakes that often let in hackers.
Staff need to be told, or reminded, not to open or click into unknown or suspicious emails, and to look carefully at emails from known parties for misspellings and other anomalies as emails addressed can be spoofed.
Thales said that retailers should “re-prioritize” their IT security toolsets, focusing on ones that offer service-based deployments, platforms and automation to reduce complexity while adding protection.
It also recommended that retailers go beyond national and international compliance measures and employ security tools like encryption and tokenization. Encryption needs to be applied to all platforms, not just desktop and laptop computers.
Specifically, Thales recommends encrypting the cloud, big data, data located within containers and IoT (interconnected devices with IP addresses).
It’s likely that compliance guidelines will one day mandate these practices, the report said, so retailers can benefit from getting a head start on them, hopefully avoiding data breaches in the process.
RELATED CONTENT: JSA: Smash-and-Grab Robberies, Cybercrime Up in 2017“Traditional endpoint and network security are no longer sufficient, particularly for heavy adopters of public cloud resources such as the U.S. retail sector,” the report said, especially with the expanding use of external cloud services like SaaS (software as a service), PaaS (platform as a service) and IaaS (infrastructure as a service).
Where the Money Should Go
Thales asserts that tools like discovery/classification and encryption or tokenization are key to protecting against IT security breaches today.
Only 26 percent of U.S. retailers polled said they are implementing encryption in the cloud, compared with 30 percent of global retailers.
Fifty-two percent of U.S. respondents cited a lack of perceived need as the top reason for not devoting more resources to tools like encryption and tokenization, while 47 percent also cited impact on business performance and 46 percent were put off by its complexity.
In a past interview with National Jeweler, Kennedy offered a list of cybersecurity recommendations for jewelers specifically, some of which might involve hiring an IT firm.
They include: proper firewalls, up-to-date anti-virus software, the avoidance of “risky” internet sites and the training of staff on the types of mistakes that often let in hackers.
Staff need to be told, or reminded, not to open or click into unknown or suspicious emails, and to look carefully at emails from known parties for misspellings and other anomalies as emails addressed can be spoofed.
Thales said that retailers should “re-prioritize” their IT security toolsets, focusing on ones that offer service-based deployments, platforms and automation to reduce complexity while adding protection.
It also recommended that retailers go beyond national and international compliance measures and employ security tools like encryption and tokenization. Encryption needs to be applied to all platforms, not just desktop and laptop computers.
Specifically, Thales recommends encrypting the cloud, big data, data located within containers and IoT (interconnected devices with IP addresses).
It’s likely that compliance guidelines will one day mandate these practices, the report said, so retailers can benefit from getting a head start on them, hopefully avoiding data breaches in the process.
More on Surveys
The Latest
MajorsNov 04, 2025
Danny Clark to Become Stuller CEO, Succeeding Matt StullerStuller COO Belit Myers will take on the additional role of president, with all changes effective at the start of 2026.
ColumnistsNov 04, 2025
Peter Smith: What Do Birds Have to Do With the Price of Gold? Smith cautions retailers against expending too much energy on things they can’t control, like the rising price of gold.
Brought to you by
Jewelers of America Aligns New Mission to Create Meaningful Impact for MembersFrom educational programs, advocacy, and recent MJSA affiliation, Jewelers of America drives progress that elevates businesses of all sizes.
TrendsNov 04, 2025
Amanda’s Style File: Fall Colors for November BirthdaysCitrine and topaz are birthstones fit for fall as the leaves change color and the holiday season approaches.
Weekly QuizOct 30, 2025
This Week’s QuizTest your jewelry news knowledge by answering these questions.
IndependentsNov 04, 2025
Weston Jewelers Heads to Fort LauderdaleThe family-owned jeweler will open its fourth store in Florida in late 2027.
CrimeNov 03, 2025
Men Dressed as Construction Workers Burglarize Jeweler’s Home The NYPD is looking for three men who stole a safe and jewelry valued at $3.2 million from the home of a jeweler in Jamaica Hills, Queens.
MajorsNov 03, 2025
Matthew Rosenheim Takes Over as JA Board ChairThe trade organization also announced its executive committee and five new directors.
CollectionsNov 03, 2025
Muse’s ‘Have a Heart’ Collab Returns, Now With DDGThe “Have a Heart x Diamonds Do Good” collection is championed by model and humanitarian Flaviana Matata and will benefit her foundation.
AuctionsNov 03, 2025
Kashmir Sapphire Ring Tops Christie's Online AuctionThe ring, set with a nearly 17-carat Kashmir cabochon sapphire, sold for $1 million.
TrendsOct 31, 2025
Piece of the Week: A Spinner Fit for ‘Frankenstein’This “Mother Father” spinner necklace from Heavenly Vices Fine Jewelry draws inspiration from Victorian Era jewelry.
CrimeOct 31, 2025
5 More Arrested in Louvre Heist, Jewelry Still Missing The suspects were rounded up in Paris and its suburbs on Wednesday night, but none of the stolen jewels were recovered with them.
Recorded WebinarsOct 31, 2025
Watch: How to Master Google Reviews for Your BusinessExperts share top tips on how to encourage positive reviews and handle negative feedback.
Supplier BulletinOct 30, 2025
Protect Your Customers and Your BusinessSponsored by the Gemological Institute of America
CrimeOct 30, 2025
29-Year-Old Man Charged in Multiple Seattle-Area Smash and Grabs The suspect faces charges in the August robbery of Menashe & Sons Jewelers and is accused of committing smash and grabs at two pawn shops.
Lab-GrownOct 30, 2025
Alison Lou’s New Collection Uses Lab-Grown Diamonds and ResinThe “Lumière Fine” collection was born from designer Alison Chemla’s interest in the transformative power of light.
TrendsOct 30, 2025
Amanda’s Style File: A Haunted HalloweenShow off your spooky side with these 12 festive jewels.
Events & AwardsOct 30, 2025
Jewelers Mutual to Host Jewelry Panel at Frazier History MuseumThe “Brilliant & Beyond” panel coincides with the “Love & Marriage” exhibition curated by Davis Jewelers in Louisville, Kentucky.
Events & AwardsOct 29, 2025
October Brings Little Change to Consumer Confidence Consumers are feeling more optimistic about their present situation while the short-term future remains a little scary.
Events & AwardsOct 29, 2025
Couture Partners With Time to WatchesThe company, which organizes a watch show in Geneva every spring, will bring a selection of watch brands to the 2026 Couture show in Vegas.
TrendsOct 29, 2025
Beth Bernstein Releases Vintage Jewelry Guide“The Modern Guide to Vintage Jewellery” follows the evolution of jewelry design from the ‘30s to the ‘80s with buying and styling advice.
EditorsOct 29, 2025
Why Creepy, Crawly Bugs Inspire Beautiful JewelryFor her annual Halloween story, Senior Editor Lenore Fedow explores the symbolism behind spiders, beetles, and other eerie insects.
Events & AwardsOct 28, 2025
Meet the 2026 Gem Award NomineesNotable jewelry designers, members of the press, and retailers are up for an award at next year’s gala.
Recorded WebinarsOct 28, 2025
Watch: The State of the Jewelry Industry Leaders from Jewelers of America and National Jeweler discuss the gold price, tariffs, and more in this one-hour webinar.
CollectionsOct 28, 2025
Eriness Reflects on Life in ‘One of One’ CollectionAfter experiencing motherhood, growth, and loss, founder and designer Erin Sachse has created 10 irreplaceable jewels.
AuctionsOct 27, 2025
Napoleon Left This Brooch Behind, And Now It’s Up For AuctionIt is part of Sotheby’s “Royal & Noble Jewels” sale along with an ornate hair ornament and an old mine-cut light pink diamond ring.
