CollectionsApr 19, 2024
Piece of the Week: Retrouvaí’s Treasure NecklaceA new addition to the “Heirloom” collection, this one-of-a-kind piece features 32 custom-cut gemstones.
SurveysAug 02, 2018
Report: US Retailers Are Top Targets for Data Breaches
According to the 2018 Thales Data Threat Report, U.S. retailers experienced twice as many IT security breaches than other retailers worldwide last year.
New York—A new report says that retailers in the United States are experiencing the most IT security breaches worldwide.
The retail edition of the 2018 Thales Data Threat Report based its findings on input from 100 senior retail IT security managers in the U.S. and 96 IT security managers from retailers in other countries to establish the state of IT security today.
It found that despite an increase in IT security spending—84 percent of U.S. retailers polled plan on upping their budgets this year, compared to 77 percent last year and 67 percent of international retailers this year—cyber-attackers are by and large staying one step ahead of companies.
Fifty percent of U.S. retailers surveyed said they experienced IT security breaches last year alone, compared to 19 percent in the 2017 report. Only 27 percent of global retailers, meanwhile, said they experienced a breach last year.
RELATED CONTENT: Saks, Lord & Taylor the Latest Hit by HackersSeventy-five percent of the respondents in the U.S. said they’ve experienced at least one breach, while 60 percent of global retailers said the same.
The retail industry, which is becoming increasingly digital, is a target for cyber attackers due to its high volume of credit card transactions. In fact, Thales says that overall, it’s the second most breached industry in the United States behind the federal government.
The results of the Thales study on IT security in retail mirror what the Jewelers Security Alliance found in its 2017 crime report. The JSA saw such a large uptick in cybercrime last year that for the first time ever, it broke the losses out separately.
The average dollar loss from cybercrime in the jewelry industry was $1.2 million last year, with JSA President John J. Kennedy calling it a “dangerous and growing crime trend.”
A Bad Investment
Despite the uptick in IT security budgets, the Thales report concluded that retailers are putting their money in places that even they recognize to be ineffective. what they themselves deem the most ineffective places.
Of available tools to battle security breaches, 91 percent of U.S. retailers said analysis and correlation tools are the most effective and 90 percent said data-in-motion— providing security for an e-mail in transit while it’s being sent, for example—is the second most effective weapon.
However, they indicated that their highest spending increases would go to endpoint/mobile defenses (77 percent), even though
they ranked this as the least effective security method. Only 57 percent of retailers plan to increase the budget for data-at rest (stored data) defense, and only 62 percent for data-in-motion defenses, despite these being more effective.
Where the Money Should Go
Thales asserts that tools like discovery/classification and encryption or tokenization are key to protecting against IT security breaches today.
Only 26 percent of U.S. retailers polled said they are implementing encryption in the cloud, compared with 30 percent of global retailers.
Fifty-two percent of U.S. respondents cited a lack of perceived need as the top reason for not devoting more resources to tools like encryption and tokenization, while 47 percent also cited impact on business performance and 46 percent were put off by its complexity.
In a past interview with National Jeweler, Kennedy offered a list of cybersecurity recommendations for jewelers specifically, some of which might involve hiring an IT firm.
They include: proper firewalls, up-to-date anti-virus software, the avoidance of “risky” internet sites and the training of staff on the types of mistakes that often let in hackers.
Staff need to be told, or reminded, not to open or click into unknown or suspicious emails, and to look carefully at emails from known parties for misspellings and other anomalies as emails addressed can be spoofed.
Thales said that retailers should “re-prioritize” their IT security toolsets, focusing on ones that offer service-based deployments, platforms and automation to reduce complexity while adding protection.
It also recommended that retailers go beyond national and international compliance measures and employ security tools like encryption and tokenization. Encryption needs to be applied to all platforms, not just desktop and laptop computers.
Specifically, Thales recommends encrypting the cloud, big data, data located within containers and IoT (interconnected devices with IP addresses).
It’s likely that compliance guidelines will one day mandate these practices, the report said, so retailers can benefit from getting a head start on them, hopefully avoiding data breaches in the process.
RELATED CONTENT: JSA: Smash-and-Grab Robberies, Cybercrime Up in 2017“Traditional endpoint and network security are no longer sufficient, particularly for heavy adopters of public cloud resources such as the U.S. retail sector,” the report said, especially with the expanding use of external cloud services like SaaS (software as a service), PaaS (platform as a service) and IaaS (infrastructure as a service).
Where the Money Should Go
Thales asserts that tools like discovery/classification and encryption or tokenization are key to protecting against IT security breaches today.
Only 26 percent of U.S. retailers polled said they are implementing encryption in the cloud, compared with 30 percent of global retailers.
Fifty-two percent of U.S. respondents cited a lack of perceived need as the top reason for not devoting more resources to tools like encryption and tokenization, while 47 percent also cited impact on business performance and 46 percent were put off by its complexity.
In a past interview with National Jeweler, Kennedy offered a list of cybersecurity recommendations for jewelers specifically, some of which might involve hiring an IT firm.
They include: proper firewalls, up-to-date anti-virus software, the avoidance of “risky” internet sites and the training of staff on the types of mistakes that often let in hackers.
Staff need to be told, or reminded, not to open or click into unknown or suspicious emails, and to look carefully at emails from known parties for misspellings and other anomalies as emails addressed can be spoofed.
Thales said that retailers should “re-prioritize” their IT security toolsets, focusing on ones that offer service-based deployments, platforms and automation to reduce complexity while adding protection.
It also recommended that retailers go beyond national and international compliance measures and employ security tools like encryption and tokenization. Encryption needs to be applied to all platforms, not just desktop and laptop computers.
Specifically, Thales recommends encrypting the cloud, big data, data located within containers and IoT (interconnected devices with IP addresses).
It’s likely that compliance guidelines will one day mandate these practices, the report said, so retailers can benefit from getting a head start on them, hopefully avoiding data breaches in the process.
More on Surveys
The Latest
CrimeApr 19, 2024
Grand Jury to Hear Case Against Jeweler Charged in Fatal Shove Following IJO ShowLast month in Dallas, David Walton pushed another jeweler, David Ettinger, who later died.
MajorsApr 19, 2024
Unique Designs Acquires China PearlThe move will allow the manufacturing company to offer a more “diverse and comprehensive” range of products.
Brought to you by
The Blueprint for Success in Scalable, Personalized Jewelry RetailWith Ho Brothers, you can unlock your brand's true potential and offer customers the personalized jewelry experiences they desire.
GradingApr 19, 2024
AGS Ideal Report Now Available in Printed FormFrom now through mid-May, GIA will be offering the reports at a 50 percent discount.
Weekly QuizApr 19, 2024
This Week’s QuizTest your jewelry news knowledge by answering these seven questions.
SourcingApr 18, 2024
Diamond Trade Remains Cautious Amid Economic UncertaintyDe Beers’ rough diamond sales were down 18 percent year-over-year in its latest round of sales.
Supplier BulletinApr 18, 2024
Discover History’s Hidden Gems at the Las Vegas Antique Jewelry & Watch ShowSponsored by the Las Vegas Antique Jewelry & Watch Show
Brought to you by
How Jewelers of America Represents Your BusinessFor over 30 years, JA has advocated for the industry, fought against harmful legislation and backed measures that help jewelry businesses.
WatchesApr 18, 2024
Watch E-tailer Collectability Hires Kelly YochThe Patek Philippe expert will serve as personal curator for the brand-focused company.
WatchesApr 18, 2024
TAG Heuer Opens Its Largest Standalone Boutique at SeaThe 553-square-foot shop is aboard the Carnival Jubilee cruise ship.
Policies & IssuesApr 17, 2024
NDC Prevails in U.K. Case Over Lab-Grown Diamond AdvertisingNDC filed a complaint against Skydiamond for use of phrases like “diamonds made entirely from the sky.”
Events & AwardsApr 17, 2024
And the 2024 Winner of the Shipley Award Is … John Carter received the AGS’s highest honor Tuesday afternoon at Conclave in Austin, Texas.
FinancialsApr 17, 2024
LVMH’s Q1 Jewelry Sales Fall 5%LVMH said the company performed well despite an uncertain geopolitical and economic environment.
MajorsApr 17, 2024
Stuller’s B&D Opens New HeadquartersB&D Sales and Service held a ribbon-cutting event for its new location in Cranston, Rhode Island.
CollectionsApr 16, 2024
Akaila Reid Launches ‘Eat Cake’ CollectionIt’s ultra-feminine and filled with gold, pearls, and soft pastels.
MajorsApr 16, 2024
Loudr Adds 2 DirectorsEmily Highet Morgan and Emily Bennett have joined the agency’s team.
MajorsApr 16, 2024
Stuller Releases First Lab-Grown Diamond Jewelry CatalogIts updated book for mountings is also now available.
SourcingApr 16, 2024
Karen Rentmeesters Takes Over as Interim CEO of AWDCShe has been with the organization since 2010, most recently serving as its chief officer of PR and industry relations.
TechnologyApr 15, 2024
Judge Rules Jeweler’s Lawsuit Against PNC Bank Can Move ForwardJoyce’s Jewelry sued the bank after cybercriminals drained its accounts of nearly $1.6 million through a series of wire transfers.
IndependentsApr 15, 2024
Alfred W. DeScenza of DeScenza Diamonds Dies at 95He is remembered by loved ones for his loyalty, integrity, and kindness.
AuctionsApr 15, 2024
Madeleine K. Albright Jewelry, Pins Coming to AuctionHosted by Freeman’s | Hindman, the sale will take place May 7-8.
AuctionsApr 15, 2024
All of Sotheby’s ‘Rough Diamonds’ Sold in Less Than an HourThe auction house said all 24 timepieces offered in its underground sale of rare and avant-garde watches quickly found buyers.
Events & AwardsApr 15, 2024
10 Can’t-Miss Sessions at AGS Conclave 2024From lab-grown diamonds and AI to the inevitable Taylor Swift mention, here are some of Conclave’s most intriguing educational offerings.
Recorded WebinarsApr 12, 2024
Watch: What Jewelers Need to Know About InsuranceFrom cybersecurity liability to trade show coverage, insurance experts share tips on how to build the right policy.
CollectionsApr 12, 2024
Piece of the Week: Lionheart’s Evil Eye Gemstone CharmThe charm is a modern rendition of the evil eye amulet that has been worn for thousands of years.
Events & AwardsApr 12, 2024
The Jewelry Symposium Announces 4 Scholarship WinnersAhead of its trade show next month, TJS awarded free registration and accommodations to one jewelry professional and three students.
Policies & IssuesApr 11, 2024
SRK Exports’ Journey Toward Net Zero Impact By the end of this year, SRK’s diamond manufacturing complexes will achieve net zero emissions, one of an impressive array of achievements.
