EditorsNov 22, 2024
Out & About: Inside the CD Peacock MansionStep inside the nearly 21,000-square-foot suburban Chicago jewelry store with Editor-in-Chief Michelle Graff.
SurveysAug 02, 2018
Report: US Retailers Are Top Targets for Data Breaches
According to the 2018 Thales Data Threat Report, U.S. retailers experienced twice as many IT security breaches than other retailers worldwide last year.
New York—A new report says that retailers in the United States are experiencing the most IT security breaches worldwide.
The retail edition of the 2018 Thales Data Threat Report based its findings on input from 100 senior retail IT security managers in the U.S. and 96 IT security managers from retailers in other countries to establish the state of IT security today.
It found that despite an increase in IT security spending—84 percent of U.S. retailers polled plan on upping their budgets this year, compared to 77 percent last year and 67 percent of international retailers this year—cyber-attackers are by and large staying one step ahead of companies.
Fifty percent of U.S. retailers surveyed said they experienced IT security breaches last year alone, compared to 19 percent in the 2017 report. Only 27 percent of global retailers, meanwhile, said they experienced a breach last year.
RELATED CONTENT: Saks, Lord & Taylor the Latest Hit by HackersSeventy-five percent of the respondents in the U.S. said they’ve experienced at least one breach, while 60 percent of global retailers said the same.
The retail industry, which is becoming increasingly digital, is a target for cyber attackers due to its high volume of credit card transactions. In fact, Thales says that overall, it’s the second most breached industry in the United States behind the federal government.
The results of the Thales study on IT security in retail mirror what the Jewelers Security Alliance found in its 2017 crime report. The JSA saw such a large uptick in cybercrime last year that for the first time ever, it broke the losses out separately.
The average dollar loss from cybercrime in the jewelry industry was $1.2 million last year, with JSA President John J. Kennedy calling it a “dangerous and growing crime trend.”
A Bad Investment
Despite the uptick in IT security budgets, the Thales report concluded that retailers are putting their money in places that even they recognize to be ineffective. what they themselves deem the most ineffective places.
Of available tools to battle security breaches, 91 percent of U.S. retailers said analysis and correlation tools are the most effective and 90 percent said data-in-motion— providing security for an e-mail in transit while it’s being sent, for example—is the second most effective weapon.
However, they indicated that their highest spending increases would go to endpoint/mobile defenses (77 percent), even though
they ranked this as the least effective security method. Only 57 percent of retailers plan to increase the budget for data-at rest (stored data) defense, and only 62 percent for data-in-motion defenses, despite these being more effective.
Where the Money Should Go
Thales asserts that tools like discovery/classification and encryption or tokenization are key to protecting against IT security breaches today.
Only 26 percent of U.S. retailers polled said they are implementing encryption in the cloud, compared with 30 percent of global retailers.
Fifty-two percent of U.S. respondents cited a lack of perceived need as the top reason for not devoting more resources to tools like encryption and tokenization, while 47 percent also cited impact on business performance and 46 percent were put off by its complexity.
In a past interview with National Jeweler, Kennedy offered a list of cybersecurity recommendations for jewelers specifically, some of which might involve hiring an IT firm.
They include: proper firewalls, up-to-date anti-virus software, the avoidance of “risky” internet sites and the training of staff on the types of mistakes that often let in hackers.
Staff need to be told, or reminded, not to open or click into unknown or suspicious emails, and to look carefully at emails from known parties for misspellings and other anomalies as emails addressed can be spoofed.
Thales said that retailers should “re-prioritize” their IT security toolsets, focusing on ones that offer service-based deployments, platforms and automation to reduce complexity while adding protection.
It also recommended that retailers go beyond national and international compliance measures and employ security tools like encryption and tokenization. Encryption needs to be applied to all platforms, not just desktop and laptop computers.
Specifically, Thales recommends encrypting the cloud, big data, data located within containers and IoT (interconnected devices with IP addresses).
It’s likely that compliance guidelines will one day mandate these practices, the report said, so retailers can benefit from getting a head start on them, hopefully avoiding data breaches in the process.
RELATED CONTENT: JSA: Smash-and-Grab Robberies, Cybercrime Up in 2017“Traditional endpoint and network security are no longer sufficient, particularly for heavy adopters of public cloud resources such as the U.S. retail sector,” the report said, especially with the expanding use of external cloud services like SaaS (software as a service), PaaS (platform as a service) and IaaS (infrastructure as a service).
Where the Money Should Go
Thales asserts that tools like discovery/classification and encryption or tokenization are key to protecting against IT security breaches today.
Only 26 percent of U.S. retailers polled said they are implementing encryption in the cloud, compared with 30 percent of global retailers.
Fifty-two percent of U.S. respondents cited a lack of perceived need as the top reason for not devoting more resources to tools like encryption and tokenization, while 47 percent also cited impact on business performance and 46 percent were put off by its complexity.
In a past interview with National Jeweler, Kennedy offered a list of cybersecurity recommendations for jewelers specifically, some of which might involve hiring an IT firm.
They include: proper firewalls, up-to-date anti-virus software, the avoidance of “risky” internet sites and the training of staff on the types of mistakes that often let in hackers.
Staff need to be told, or reminded, not to open or click into unknown or suspicious emails, and to look carefully at emails from known parties for misspellings and other anomalies as emails addressed can be spoofed.
Thales said that retailers should “re-prioritize” their IT security toolsets, focusing on ones that offer service-based deployments, platforms and automation to reduce complexity while adding protection.
It also recommended that retailers go beyond national and international compliance measures and employ security tools like encryption and tokenization. Encryption needs to be applied to all platforms, not just desktop and laptop computers.
Specifically, Thales recommends encrypting the cloud, big data, data located within containers and IoT (interconnected devices with IP addresses).
It’s likely that compliance guidelines will one day mandate these practices, the report said, so retailers can benefit from getting a head start on them, hopefully avoiding data breaches in the process.
More on Surveys
The Latest
CollectionsNov 22, 2024
Piece of the Week: Xander Jane’s ‘Spiked’ Pearl StudsThese punk-inspired earrings from the new Canadian brand’s debut collection reveal the alter ego of the classic pearl.
SourcingNov 22, 2024
Facets of Fire Expands to Include Pear, Marquise DiamondsThe company brings its nanotechnology to two new fancy cuts for diamonds that feature its signature color and brilliance.
Brought to you by
Navigating Cybersecurity: Essential Guidance for JewelersFrom protecting customer data to safeguarding inventory records, it's crucial to learn how to tackle cybersecurity challenges.
Supplier BulletinNov 21, 2024
Tasha R Releases 2025 Labbelle Lab Diamond Jewelry CatalogSponsored by Tasha R
Weekly QuizNov 21, 2024
This Week’s QuizTest your jewelry news knowledge by answering these questions.
AuctionsNov 21, 2024
Gold Watch Gifted to Titanic Rescue Ship Captain Sells for $2MThree Titanic survivors presented him with the personalized Tiffany & Co. timepiece about a year after the tragedy.
MajorsNov 21, 2024
Harris Jewelry Ordered to Reopen Claims Portal for Refund RequestsA federal court found that the jewelry store chain violated terms of the settlement reached after it was accused of defrauding customers.
Brought to you by
Enhance Your Expertise with IGI’s In-Person Courses in NYCThis fall, sharpen your skills in jewelry grading, quality control and diamond assessment.
CollectionsNov 21, 2024
Channel Elphaba in Muse’s ‘Have a Heart x Cynthia Erivo’ CollectionCynthia Erivo chose Dreams of Hope, an organization dedicated to empowering LGBTQA+ youth, as the charity for this year’s collection.
MajorsNov 21, 2024
Rocksbox Opens Pop-Up Store in San FranciscoThe new space was designed to evoke a warm, inviting vibe.
IndependentsNov 21, 2024
Mary Moses Kinney Is Now Part of The Edge’s Team Kinney, who spent nearly 30 years at IJO, has been hired to head Abbott Jewelry Systems’ new virtual marketplace.
CrimeNov 20, 2024
Sotheby’s to Pay $6.25M Settlement to NY State for Alleged Tax FraudThe auction house was accused of helping clients avoid paying taxes on millions of dollars’ worth of art purchased from 2010 to 2020.
Events & AwardsNov 20, 2024
Kering Debuts New Jewelry Award With Sustainability FocusThe four finalists will present their pieces at the 2025 JCK Las Vegas show.
CollectionsNov 20, 2024
Pamela Love Channels Surrealist Artists in New CollectionThe “Camera Oscura” collection showcases earring designs celebrating female Surrealist artists Claude Cahun and Leonor Fini.
Policies & IssuesNov 20, 2024
Columbia Gem House Raises $10K for Reforestation EffortsThe money will fund the planting of 10,000 trees in critical areas across Oregon, Arizona, Montana, and other regions.
Events & AwardsNov 20, 2024
The Jewelry Symposium Opens Registration, Scholarship ApplicationsThe event centered on advancing jewelry manufacturing technology will return to Detroit in May 2025.
CrimeNov 19, 2024
Woman Killed in Armed Robbery of Sacramento Jewelry StoreLocal reports identified the woman as the wife of the jewelry store owner.
AuctionsNov 19, 2024
‘A Tsar’s Treasure’ Fetches $2.9M at Sotheby’s Jewelry SaleA collection of pieces owned by Ferdinand I, the first king of modern Bulgaria, and his family, blew away estimates in Geneva last week.
MajorsNov 19, 2024
Trove Opens First US Flagship in NYCThe Australian jewelry box brand’s new West Village store will showcase new jewelers each month through its Designer in Residence program.
CollectionsNov 19, 2024
Snoop Dogg’s New Jewelry Collection Is All About Love“Lovechild” was created in partnership with Carolyn Rafaelian’s Metal Alchemist brand.
EditorsNov 18, 2024
Q&A: Helzberg CEO Brad Hampton on the Jeweler’s RebrandHampton discussed how Helzberg is improving the customer experience and why it was inspired by the company formerly known as Dunkin’ Donuts.
Policies & IssuesNov 18, 2024
Reciprocity Jewels Returns to NYC Jewelry WeekThe group will host several curated events and an exhibition of designer jewelry made with Peruvian gold traceable to the miners’ names.
CollectionsNov 18, 2024
Dolly Parton Shines in Collaboration with Kendra ScottThe collection honors the 50th anniversary of Dolly Parton’s “Love is Like a Butterfly” song, which shares a birth year with Kendra Scott.
Events & AwardsNov 18, 2024
IGI Jewelry Design Competition ReturnsThis year’s theme asks designers to take inspiration from classic fairy tales.
EditorsNov 15, 2024
Why Fine Jewelry Belongs at New York Comic ConSenior Editor Lenore Fedow makes the case for why more jewelers should be appealing to nerds at the annual event.
CollectionsNov 15, 2024
Marie Lichtenberg Battles Counterfeits with New ‘Raiz’in Scapular’ DesignsThe latest “Raiz’in” drop showcases a newly designed “Scapular” necklace and donates a portion of the proceeds to Make-A-Wish France.
WatchesNov 15, 2024
Piece of the Week: Citizen’s Commemorative Pocket WatchNo. 1 out of 100, the timepiece was created to mark Citizen’s 100th anniversary and will be auctioned off at Sotheby’s next month.
