E D I T O R ’ S
Q U E S T I O N
E D I T O R ’ S
Q U E S T I O N
MICK BACCIO , GLOBAL SECURITY STRATEGIST , SPLUNK
I will make or break Black Friday . Given the prolific
A nature of cyberattacks this year , retailers would be forgiven for feeling like sitting ducks . In this environment , AI is both a positive and a negative force for retailers . On the one hand , as well as providing a better shopping experience through enhanced recommendations and AI-enabled customer service , ‘ human in the loop ’ AI is playing an increasingly prevalent role in augmenting the cyber defences of large organisations .
On the other hand , cybercriminals are exploiting AI to launch more sophisticated , hard-to-detect attacks . This includes hyper-realistic phishing emails , deepfake endorsements and fraudulent websites . According to our Cost of Downtime Report , the retail industry suffers US $ 287 million in global downtime costs annually ( from events such as breaches and outages ) of which US $ 76 million is classed as ‘ lost revenue ’. And this doesn ’ t consider damaged brand loyalty . Imagine this : Your loyal customers , who trust you with their personal and financial information , realise their data has been stolen . They won ’ t just walk away – they may abandon your brand for good .
Yes , AI can be a powerful tool to enhance the shopping experience , and in cyber defence measures , but when it ’ s used against you it can threaten your business and bottom line . Retailers must prioritise securing their systems against AI-driven incursion / fraud techniques – or risk turning their biggest sales event of the year into a significant opportunity for cybercriminals and fraudsters .
DAN BRIDGES , TECHNICAL DIRECTOR – INTERNATIONAL CYWARE
etailers collect and store vast quantities of data ,
R much of it being sensitive customer data like credit card details or personally identifiable information ( PPI ) – a treasure trove for attackers . Malicious actors often target businesses at their busiest , like during Black Friday , Cyber Monday and the holiday shopping season . Last year , 41 % of retail cyberattacks stemmed from vulnerabilities and another 22 % from compromised credentials , therefore security measures must be as robust as possible as retailers prepare for seasonal traffic surges . However , according to Gartner , many organisations lack an understanding of their threat landscape .
Threat intelligence helps enterprises get ahead of attacks , but it isn ’ t easy to segregate , correlate and prioritise the huge volumes of available threat data to create a ‘ single source of truth .’ Adding threat intelligence , however , isn ’ t enough . We must connect the dots . This next-generation approach to cybersecurity – often referred to as cyber fusion – unifies all security functions such as threat intelligence , security automation , threat response , security orchestration , incident response and others into a single connected platform which detects , manages and responds to threats in an integrated and collaborative manner .
The importance of collaboration – inside and outside the organisation – cannot be overstated either . Collective defence focuses on an open , trusted ecosystem where security teams are empowered to work much more closely with trusted community peers as they manage intelligence , develop detections and response plans , and respond to threats . At the end of the day , threat intelligence only works when it can communicate the relevant data to the right people , at the right time , so they can quickly take meaningful action . As has been written about many times over , there is no silver bullet when tackling cybercrime – whether it ’ s a genuine mistake or a deliberate , targeted attack – but by fusing disparate elements of the cybersecurity stack , the risk of falling victim will be reduced .
26 www . intelligentfin . tech