Last year was one of the biggest years for retail data breaches, with credit card data from well over 106 million shoppers stolen from two of America’s largest retailers alone. The attacks shook consumer confidence, eroded brand loyalty, and cost the industry millions of dollars.

Even though the retail and security industries have been talking about compliance and security for more than a decade, breaches continue. And while research shows that compliance with PCI DSS has improved in recent years, it also shows that staying in compliance as demonstrated by passing interim assessments is another matter. Furthermore, compliance doesn’t always equal security, as it tends to focus on blocking attacks at the perimeter. Stopping attacks in the first place certainly is important, but it isn’t sufficient in an era when attackers are innovating at a pace we’ve never faced before.

Compounding the challenge is that retailers are in the midst of game-changing trends that can make or break them: creating a hyper-relevant experience for shoppers, adopting mobile Point-of-Sale (mPOS) systems, and realizing security is now a driver for consumers’ trust. Retailers who create successful strategies to innovate and embrace these trends will retain and gain more customers. But it requires a fresh approach to security.

So how should you look at and think about security differently? 

As history has shown, there’s no such thing as 100 percent prevention. The fact is, attackers make it their job to figure out how to evade current defenses and infiltrate the network. Once inside, attackers will work relentlessly to compromise additional systems and locate valuable data.

What’s needed is a threat-centric approach to security with protection along the full attack continuum – before, during, and after an attack.

Before an attack there’s more you can do besides applying prevention-based controls. You need total visibility into your environment including new mPOS systems; network segmentation to prevent the spread of malware; refresh strategies to ensure patches are being applied and systems are up to date; and an incident response plan.

During an attack you need the ability to detect and block attacks with extremely high efficacy, while still allowing expected and permitted activity between POS endpoints and internal networks. To detect advanced attacks, this continual analysis and decision-making capability must be combined with contextual awareness – aggregating and correlating data from across your environment to look for indicators or compromise and other behaviors that happen over time and may point to a threat.

After an attack you need to be able to marginalize the impact of that attack. That’s where retrospective security comes in, to quickly identify the point of entry, determine the scope, contain the threat, eliminate the risk of re-infection, and remediate all networks, endpoints, and POS systems.

With a threat-centric approach to security you’ll be able to innovate with confidence and remain competitive. To dig deeper into the trends and challenges facing retailers today, and the elements of a threat-centric approach to security, read our new white paper, Enabling Retail Business Innovation with Threat-Centric Security.


Marc Solomon

VP, Security Marketing