Retail Industry Leaders Association
Connect:
RILA's blog - RetailCheckout.org Follow @RILAtweets on Twitter The RILA Network on LinkedIn RILA on InstagramRILA on Google+
My Profile   |  
Sign In
Search
  • About Us
  • Contact Us
  • Conferences & Meetings
  • Join RILA
  • Newsroom
Search Page Tools
  • RILACurrently selected
    • Advocacy
      • Message from President
      • Committees
        • Communications
        • Cybersecurity Leaders Council
        • Government Affairs Committee
        • Privacy Leaders Council
        • Public Policy Steering Committee
        • State Affairs Committee
      • Technology
        • RILA Cybersecurity and Data Privacy Initiative
      • Sales Tax
      • Financial Services
        • Sales Tax
      • Tax Reform
        • Tax Documents
        • Border Adjustable Tax
      • Trade
        • Trade
      • Workforce
        • Health Care
        • Labor
      • Retail is For Everyone
    • Asset Protection
      • Committees
        • Asset Protection Leaders Council
        • Asset Protection Steering Committee
        • Crimes Against Business Committee
        • Horizons Committee
        • Workplace Safety Committee
        • Disaster Recovery & Preparedness Forum
        • Operational Audit Forum
      • Conference
      • Forums
      • Resources
        • Beyond Shrinkage - Introduction to Total Retail Loss
        • Mobile Point-of-Sale and Loss Prevention: An Assessment of Risk
        • Opportunities and Challenges for Engaging Merchants in the Protection of Retail Assets
    • Finance
      • Tax
        • Tax Committee
      • Committees
      • Resources
      • Revenue-Recognition Redirect to Swipe Fees Page
    • Human Resources
      • Committees
      • Health Care
      • Labor & Employment
    • Innovation
      • Events
      • Team
      • Sign up
    • Legal / Compliance
      • Committees
      • Product Safety
      • Regulatory Comment Letters
      • Retail Litigation Center
    • Research
    • Supply Chain
      • Committees
        • Customs Committee
        • Distribution Committee
        • International Trade Committee
        • Supply Chain Leaders Council
        • Supply Chain Security Committee
        • Supply Chain Steering Committee
        • Transportation & Infrastructure Committee
      • Conference
      • Resources
        • Presentation Library
        • Videos
        • The State of the Retail Supply Chain
        • Warehousing and Distribution Metrics Benchmarking Survey
      • Trade
      • Transportation
      • Women in Supply Chain
        • Women in Logistics @Logistics 2010
        • Women in Logistics @Logistics 2009
    • Sustainability / Environment
      • Committees
        • Sustainability Committee
        • Retail Horizons Committee
        • Energy Management Program
        • Responsible/Ethical Sourcing Workgroup
        • Environmental Compliance Committee
      • Events
      • Energy Management Program
        • Engagement Methods
        • Member Responsibilities
        • Leadership Model
        • Resource Library
        • Industry Report
        • Financial Management
        • Leased Store Management
        • Renewable Energy
        • Workflow and Approval Process
      • Horizons Program
        • About the Program
        • Program Deliverables
        • Work Groups
        • Media Materials & Blogs
        • Sustainability Executive Program
      • CRC Site
      • Sustainability Management Report
      • Energy Management Report
Community Quicklinks
 
  • Categories
    • Asset Protection
    • Cybersecurity
    • Finance
    • Health Care
    • Human Resources
    • Innovation
    • Labor
    • Legal/Regulatory Affairs
    • Privacy
    • Retail
    • Supply Chain
    • Sustainability
    • Tax
    • Trade
Compliance Details
javascript:commonShowModalDialog('{SiteUrl}'+ '/_layouts/15/itemexpiration.aspx' +'?ID={ItemId}&List={ListId}', 'center:1;dialogHeight:500px;dialogWidth:500px;resizable:yes;status:no;location:no;menubar:no;help:no', function GotoPageAfterClose(pageid){if(pageid == 'hold') {STSNavigate(unescape(decodeURI('{SiteUrl}'))+ '/_layouts/15/hold.aspx' +'?ID={ItemId}&List={ListId}'); return false;} if(pageid == 'audit') {STSNavigate(unescape(decodeURI('{SiteUrl}'))+ '/_layouts/15/Reporting.aspx' +'?Category=Auditing&backtype=item&ID={ItemId}&List={ListId}'); return false;} if(pageid == 'config') {STSNavigate(unescape(decodeURI('{SiteUrl}'))+ '/_layouts/15/expirationconfig.aspx' +'?ID={ItemId}&List={ListId}'); return false;}}, null);
0x0
0x1
ContentType
0x01
898
Document Set Version History
/_layouts/15/images/versions.gif?rev=23
javascript:SP.UI.ModalDialog.ShowPopupDialog('{SiteUrl}'+ '/_layouts/15/DocSetVersions.aspx' + '?List={ListId}&ID={ItemId}')
0x0
0x0
ContentType
0x0120D520
330
Send To other location
/_layouts/15/images/sendOtherLoc.gif?rev=23
javascript:GoToPage('{SiteUrl}' + '/_layouts/15/docsetsend.aspx' + '?List={ListId}&ID={ItemId}')
0x0
0x0
ContentType
0x0120D520
350
You are here: Skip Navigation LinksRILA » News and Resources » Retail Checkout

Retail Checkout

Feb 18
Taking a Look Inside the World of Retail Security
by  85686 on 2/18/2016 2:13 PM

This article is the fourth in a series of Q&A's between RILA's Senior Vice President of Retail Operations Lisa LaBruno and featured general session spekers who will present at the 2016 Retail Asset Protection Conference 


​Taking a Look Inside the World of Retail Security
wendy-ISSA-infosecon_blog.jpg
"Security professionals always talk about 'getting the basics right,' and it sounds like a platitude, but if doing it were easy, we wouldn't have to keep bringing it up." Security in retail is one of the most important issues retailers face today in this ever-evolving world of technology, but who are the people behind the scenes working on innovative ways to protect us?

RILA's Lisa LaBruno, senior vice president of retail operations, recently sat down with Wendy Nather, research director at the Retail Cyber Intelligence Sharing Center (R-CISC) and 2016 Retail Asset Protection Conference speaker, to get a look inside the world of retail security and what are some of the top security issues that retailers face today.

LL: What are some of the greatest security risks retailers face today?

WN: One of the greatest risks is automation, which is the criminals' best friend. As each type of attack gets automated — whether it's triangulation fraud, account takeovers, custom malware creation, or distributed denial-of-service — the burden is on the retailer to automate its defenses to match. The other side of that coin is the fact that retailers have increasingly complex environments to manage, and they have to automate the same customer functions that criminals then abuse. Convenience for the customer is potentially convenience for the criminal.

LL:  What do you think is the best form of security management retailers could practice?

WN: Security professionals always talk about "getting the basics right," and it sounds like a platitude, but if doing it were easy, we wouldn't have to keep bringing it up. If you know what you have, can keep it configured the way you intended, monitor changes to it, and also make changes quickly when you have to, then that's half the battle. Buying more security technology doesn't help if you have trouble managing the underlying systems.

 LL: What do you see 2016 bringing the retail industry in the way of cybersecurity trends, issues, attacks, prevention, etc.?

WN: Ransomware is very big right now, and I see it as an equal opportunity threat — it can affect small retailers just as much as larger ones. Wire fraud is another trend we're seeing among the R-CISC members: cleverly crafted emails purporting to be from the CEO or CFO, asking for urgent wire transfers. And as we develop more ways for customers to interact with us and make purchases, account takeover attacks are going to take advantage of the expanded channels.

 LL:  What made you transition from IT security roles to the Research Director of the Retail Cyber Intelligence Sharing Center (R-CISC)?

 WN: I've worked with big organizations and small ones, and I know what it's like to try to defend an organization with no people and no budget. In working for the R-CISC, I hope to bring resources to bear for our members, no matter which sector they represent or what level of security they have today. It's one of the greatest challenges within the security field, and I have a lot of respect for the people who have been securing retail all this time.

 LL: You were listed as one of SC Magazine's Women in IT Security "Power Players" in 2014 – talk about what that means to you.

 WN: It was a great surprise, but I was honored to be listed. As an industry analyst, I had the opportunity to talk directly with CEOs and CTOs about their visions for their companies, and learning from the source like that is priceless. Having said that, I do hope that in the future, the presence and contributions of women in security will be so common that they don't need to be remarked on, any more than we need to call out security professionals with brown hair.

 Don't miss Wendy's presentation Bigger, Faster, Weirder: What You Need To Know About Cybersecurity Trends for 2016 at the 2016 Retail Asset Protection Conference​, April 17-20, in Dallas. Register today! ​

Permanent Link to Post | Email Post Link | Number of Comments 0 Comment(s)
Compliance Details
javascript:commonShowModalDialog('{SiteUrl}'+ '/_layouts/15/itemexpiration.aspx' +'?ID={ItemId}&List={ListId}', 'center:1;dialogHeight:500px;dialogWidth:500px;resizable:yes;status:no;location:no;menubar:no;help:no', function GotoPageAfterClose(pageid){if(pageid == 'hold') {STSNavigate(unescape(decodeURI('{SiteUrl}'))+ '/_layouts/15/hold.aspx' +'?ID={ItemId}&List={ListId}'); return false;} if(pageid == 'audit') {STSNavigate(unescape(decodeURI('{SiteUrl}'))+ '/_layouts/15/Reporting.aspx' +'?Category=Auditing&backtype=item&ID={ItemId}&List={ListId}'); return false;} if(pageid == 'config') {STSNavigate(unescape(decodeURI('{SiteUrl}'))+ '/_layouts/15/expirationconfig.aspx' +'?ID={ItemId}&List={ListId}'); return false;}}, null);
0x0
0x1
ContentType
0x01
898
Document Set Version History
/_layouts/15/images/versions.gif?rev=23
javascript:SP.UI.ModalDialog.ShowPopupDialog('{SiteUrl}'+ '/_layouts/15/DocSetVersions.aspx' + '?List={ListId}&ID={ItemId}')
0x0
0x0
ContentType
0x0120D520
330
Send To other location
/_layouts/15/images/sendOtherLoc.gif?rev=23
javascript:GoToPage('{SiteUrl}' + '/_layouts/15/docsetsend.aspx' + '?List={ListId}&ID={ItemId}')
0x0
0x0
ContentType
0x0120D520
350

Comments

There are no comments for this post.
Compliance Details
javascript:commonShowModalDialog('{SiteUrl}'+ '/_layouts/15/itemexpiration.aspx' +'?ID={ItemId}&List={ListId}', 'center:1;dialogHeight:500px;dialogWidth:500px;resizable:yes;status:no;location:no;menubar:no;help:no', function GotoPageAfterClose(pageid){if(pageid == 'hold') {STSNavigate(unescape(decodeURI('{SiteUrl}'))+ '/_layouts/15/hold.aspx' +'?ID={ItemId}&List={ListId}'); return false;} if(pageid == 'audit') {STSNavigate(unescape(decodeURI('{SiteUrl}'))+ '/_layouts/15/Reporting.aspx' +'?Category=Auditing&backtype=item&ID={ItemId}&List={ListId}'); return false;} if(pageid == 'config') {STSNavigate(unescape(decodeURI('{SiteUrl}'))+ '/_layouts/15/expirationconfig.aspx' +'?ID={ItemId}&List={ListId}'); return false;}}, null);
0x0
0x1
ContentType
0x01
898
Document Set Version History
/_layouts/15/images/versions.gif?rev=23
javascript:SP.UI.ModalDialog.ShowPopupDialog('{SiteUrl}'+ '/_layouts/15/DocSetVersions.aspx' + '?List={ListId}&ID={ItemId}')
0x0
0x0
ContentType
0x0120D520
330
Send To other location
/_layouts/15/images/sendOtherLoc.gif?rev=23
javascript:GoToPage('{SiteUrl}' + '/_layouts/15/docsetsend.aspx' + '?List={ListId}&ID={ItemId}')
0x0
0x0
ContentType
0x0120D520
350
  • Home
  • Privacy Policy
  • Terms of Use
  • Site Map
  • ©  Retail Industry Leaders Association
  • 1700 N. Moore Street, Suite 2250, Arlington, VA 22209
  • (703) 841-2300