MajorsDec 19, 2025
MadaLuxe Group Acquires Ippolita The luxury goods company said founder Ippolita Rostagno will remain at the brand’s helm.
SurveysAug 02, 2018
Report: US Retailers Are Top Targets for Data Breaches
According to the 2018 Thales Data Threat Report, U.S. retailers experienced twice as many IT security breaches than other retailers worldwide last year.
New York—A new report says that retailers in the United States are experiencing the most IT security breaches worldwide.
The retail edition of the 2018 Thales Data Threat Report based its findings on input from 100 senior retail IT security managers in the U.S. and 96 IT security managers from retailers in other countries to establish the state of IT security today.
It found that despite an increase in IT security spending—84 percent of U.S. retailers polled plan on upping their budgets this year, compared to 77 percent last year and 67 percent of international retailers this year—cyber-attackers are by and large staying one step ahead of companies.
Fifty percent of U.S. retailers surveyed said they experienced IT security breaches last year alone, compared to 19 percent in the 2017 report. Only 27 percent of global retailers, meanwhile, said they experienced a breach last year.
RELATED CONTENT: Saks, Lord & Taylor the Latest Hit by HackersSeventy-five percent of the respondents in the U.S. said they’ve experienced at least one breach, while 60 percent of global retailers said the same.
The retail industry, which is becoming increasingly digital, is a target for cyber attackers due to its high volume of credit card transactions. In fact, Thales says that overall, it’s the second most breached industry in the United States behind the federal government.
The results of the Thales study on IT security in retail mirror what the Jewelers Security Alliance found in its 2017 crime report. The JSA saw such a large uptick in cybercrime last year that for the first time ever, it broke the losses out separately.
The average dollar loss from cybercrime in the jewelry industry was $1.2 million last year, with JSA President John J. Kennedy calling it a “dangerous and growing crime trend.”
A Bad Investment
Despite the uptick in IT security budgets, the Thales report concluded that retailers are putting their money in places that even they recognize to be ineffective. what they themselves deem the most ineffective places.
Of available tools to battle security breaches, 91 percent of U.S. retailers said analysis and correlation tools are the most effective and 90 percent said data-in-motion— providing security for an e-mail in transit while it’s being sent, for example—is the second most effective weapon.
However, they indicated that their highest spending increases would go to endpoint/mobile defenses (77 percent), even though
they ranked this as the least effective security method. Only 57 percent of retailers plan to increase the budget for data-at rest (stored data) defense, and only 62 percent for data-in-motion defenses, despite these being more effective.
Where the Money Should Go
Thales asserts that tools like discovery/classification and encryption or tokenization are key to protecting against IT security breaches today.
Only 26 percent of U.S. retailers polled said they are implementing encryption in the cloud, compared with 30 percent of global retailers.
Fifty-two percent of U.S. respondents cited a lack of perceived need as the top reason for not devoting more resources to tools like encryption and tokenization, while 47 percent also cited impact on business performance and 46 percent were put off by its complexity.
In a past interview with National Jeweler, Kennedy offered a list of cybersecurity recommendations for jewelers specifically, some of which might involve hiring an IT firm.
They include: proper firewalls, up-to-date anti-virus software, the avoidance of “risky” internet sites and the training of staff on the types of mistakes that often let in hackers.
Staff need to be told, or reminded, not to open or click into unknown or suspicious emails, and to look carefully at emails from known parties for misspellings and other anomalies as emails addressed can be spoofed.
Thales said that retailers should “re-prioritize” their IT security toolsets, focusing on ones that offer service-based deployments, platforms and automation to reduce complexity while adding protection.
It also recommended that retailers go beyond national and international compliance measures and employ security tools like encryption and tokenization. Encryption needs to be applied to all platforms, not just desktop and laptop computers.
Specifically, Thales recommends encrypting the cloud, big data, data located within containers and IoT (interconnected devices with IP addresses).
It’s likely that compliance guidelines will one day mandate these practices, the report said, so retailers can benefit from getting a head start on them, hopefully avoiding data breaches in the process.
RELATED CONTENT: JSA: Smash-and-Grab Robberies, Cybercrime Up in 2017“Traditional endpoint and network security are no longer sufficient, particularly for heavy adopters of public cloud resources such as the U.S. retail sector,” the report said, especially with the expanding use of external cloud services like SaaS (software as a service), PaaS (platform as a service) and IaaS (infrastructure as a service).
Where the Money Should Go
Thales asserts that tools like discovery/classification and encryption or tokenization are key to protecting against IT security breaches today.
Only 26 percent of U.S. retailers polled said they are implementing encryption in the cloud, compared with 30 percent of global retailers.
Fifty-two percent of U.S. respondents cited a lack of perceived need as the top reason for not devoting more resources to tools like encryption and tokenization, while 47 percent also cited impact on business performance and 46 percent were put off by its complexity.
In a past interview with National Jeweler, Kennedy offered a list of cybersecurity recommendations for jewelers specifically, some of which might involve hiring an IT firm.
They include: proper firewalls, up-to-date anti-virus software, the avoidance of “risky” internet sites and the training of staff on the types of mistakes that often let in hackers.
Staff need to be told, or reminded, not to open or click into unknown or suspicious emails, and to look carefully at emails from known parties for misspellings and other anomalies as emails addressed can be spoofed.
Thales said that retailers should “re-prioritize” their IT security toolsets, focusing on ones that offer service-based deployments, platforms and automation to reduce complexity while adding protection.
It also recommended that retailers go beyond national and international compliance measures and employ security tools like encryption and tokenization. Encryption needs to be applied to all platforms, not just desktop and laptop computers.
Specifically, Thales recommends encrypting the cloud, big data, data located within containers and IoT (interconnected devices with IP addresses).
It’s likely that compliance guidelines will one day mandate these practices, the report said, so retailers can benefit from getting a head start on them, hopefully avoiding data breaches in the process.
More on Surveys
The Latest
MajorsDec 19, 2025
LVMH Names New Bulgari CEOLaura Burdese, who joined the Italian luxury brand in 2022, will take on the role in July.
EditorsDec 19, 2025
2025 Jewelry Superlatives: A Yearbook-Style Year in Review The National Jeweler editors revisit the most noteworthy industry happenings and design trends from 2025.
Brought to you by
Impacting Tomorrow TodayHow Jewelers of America’s 20 Under 40 are leading to ensure a brighter future for the jewelry industry.
AuctionsDec 19, 2025
Jean Schlumberger’s ‘African Cat’ Is Purr-Fection Need a gift for the cat lover who has everything? Look no further than our latest Piece of the Week.
Weekly QuizDec 18, 2025
This Week’s QuizTest your jewelry news knowledge by answering these questions.
AuctionsDec 18, 2025
Audemars Piguet Reclaims Historic Pocket Watch at AuctionIt purchased the “Grosse Pièce,” an ultra-complicated Audemars Piguet pocket watch from the ‘20s, for a record-breaking price at Sotheby’s.
Lab-GrownDec 18, 2025
Kira Jewels Debuts Custom Lab-Grown Diamond Jewelry ServiceThe lab-grown diamond grower now offers custom engagement and fashion jewelry through its Kira Custom Lab Jewelry service.
Brought to you by
Roseco Releases New Full-Line CatalogRoseco’s 704-page catalog showcases new lab-grown diamonds, findings, tools & more—available in print or interactive digital editions.
EditorsDec 18, 2025
Terry Chandler Looks Back on 40 Years of Opportunity, Change, and FriendsChandler got his start at Michelson Jewelers and has served as DCA president and CEO since 2001. He will retire at the end of the month.
WatchesDec 18, 2025
Bob’s Watches to Open Store in New York’s JFK AirportThe boutique is slated to open this week inside Terminal 8, offering pre-owned Rolex watches and more to international travelers.
Supplier BulletinDec 18, 2025
Cell Jammers Are Targeting Your Business. Here's How to Beat ThemSponsored by Digital Monitoring Products
CrimeDec 17, 2025
Man Pleads Not Guilty to Swallowing Fabergé PendantThe special-edition egg pendant ingested in a New Zealand jewelry store was recovered after a six-day wait.
EditorsDec 17, 2025
2025 Jewelry Rewind: The Best Piece of the Week PicksAssociate Editor Natalie Francisco plays favorites with Piece of the Week, selecting a standout piece of jewelry from each month of 2025.
CollectionsDec 17, 2025
Lucy Hale Stars in Jacquie Aiche’s Holiday CampaignThe “Love and Desire” campaign is inspired by the magic that follows when one’s heart leads the way, said the brand.
GradingDec 17, 2025
SSEF Announces 2025 Scholarship WinnersTwo awardees will receive free tuition for an educational course at the Swiss lab, with flights and lodging included.
MajorsDec 16, 2025
Pandora’s New CEO Will Step Up EarlyBerta de Pablos-Barbier will replace Alexander Lacik at the start of January, two months earlier than expected.
AuctionsDec 16, 2025
Suzanne Belperron, JAR Shine in Sotheby’s First Auctions at New HQSotheby’s held its first two jewelry sales at the Breuer building last week, and they totaled nearly $44 million.
Events & AwardsDec 16, 2025
TJS Now Accepting Scholarship Applications for 2026Winners will receive free registration and lodging for its fourth annual event in Detroit.
ColumnistsDec 16, 2025
Beyond Unboxing: Creative Reveals to Drive Reach and EngagementHere are six ideas for making more engaging content for Instagram Reels and TikTok, courtesy of Duvall O’Steen and Jen Cullen Williams.
Events & AwardsDec 16, 2025
Diamonds Do Good Names 2026 Award RecipientsThe honorees include a notable jewelry brand, an industry veteran, and an independent retailer.
CrimeDec 15, 2025
Men Receive Life Sentences in Home Invasion Murder of Jeweler Carlos Jose Hernandez and Joshua Zuazo were sentenced to life without the possibility of parole in the 2024 murder of Hussein “Sam” Murray.
Policies & IssuesDec 15, 2025
Sara Yood Named Co-Chair of RJC Standards CommitteeYood will serve alongside Eduard Stefanescu, the sustainability manager for C.Hafner, a precious metals refiner in Germany.
IndependentsDec 15, 2025
M.S. Rau to Open Store in AspenThe New Orleans jeweler is also hosting pop-up jewelry boutiques in New York City and Dallas.
AuctionsDec 12, 2025
13.54-Carat Paraíba Tourmaline Sets Records at Christie’sSet in a Tiffany & Co. necklace, it sold for $4.2 million, the highest price and price per carat paid for a Paraíba tourmaline at auction.
MajorsDec 12, 2025
David Webb Reveals Ice-Cold Holiday Window DisplayThe jeweler’s “Deep Freeze” display showcases its iconic jewelry designs frozen in a vintage icebox.
CollectionsDec 12, 2025
Piece of the Week: Oscar Heyman’s Sphene RingTake luxury gifting to new heights this holiday season with the jeweler’s showstopping 12-carat sphene ring.
Events & AwardsDec 12, 2025
IGI Jewelry Design Contest Now Accepting SubmissionsThis year's theme is “Unveiling the Depths of the Ocean.”
