Small and Mid-sized Retailers Can Guard Customer Data From Cyberattacks Using IBM’s QRadar and Carbon Black Cb Endpoint Security Platform
Smaller and mid-sized retailers have been taking advantage of the new year by turning their attentions toward deepening their security postures to better prevent data breach-incurred financial losses. IBM research has revealed retail companies that experience a major data breach incur an average profit drop of 46% in the quarter after the breach is revealed. The damage to any retailer’s reputation post breach is quite severe, and is especially detrimental to smaller and mid-sized retailers that do not have the same financial failsafe as the big box retailers.
Despite this, 90% of reported data breaches have impacted small to mid-sized retailers, according to Trustwave research. The time has come for these small and mid-sized retailers to take a defensive stance by implementing a combined Carbon Black and QRadar solution to protect valuable internal and customer data and to prevent data breaches before they happen.
Defense is an Elemental Game
Retailers face dynamic primary security concerns. Security threats and vectors are in a constant state of evolution, with attackers growing more capable by the day. The growing business of selling hacking and attack tools only adds more gas to the fire.
This places an impetus on ensuring a security posture that is aligned to handle ever-escalating and evolving security threats. Champion recommends a next-gen solution that not only targets security threats of the past, but is also intelligent enough to rapidly detect and block any out-of-band network and activity behaviors and remediate them on the spot.
To do so, retailers should begin with the following pillars in their security posture:
- Brute force intrusion detection and remediation. Having a control structure in place to quickly and effectively detect and neutralize brute force attacks is vital to protecting customer data. We have primarily seen these attacks target online shopping accounts and retail customer rewards accounts.
- Hardening processes and controls. In setting a security policy, creating rules around the policy and letting it run automatically in the background brings a big gain in terms or security response and IT resource gains.
- Next-gen activity analytic detection and remediation. This is perhaps the most powerful element of a modern security posture. By utilizing next-gen technology, retailers gain intelligent, self-learning security tools which provide real-time detection, response and reporting abilities.
- Perimeter and endpoint defenses. This provides defenses specific to the asset type, i.e. anti-malware software for a laptop, or an encryption layer on database information.
Once you have these pillars in place, there’s still a lot of building to be done. That is where these great tools come into play.
The Carbon Black Cb Endpoint Security Platform is a great place to start. The Cb platform is geared towards PCI DSS compliance and can be utilized in all aspects of your infrastructure, from desktops and servers to POS and transactional devices. The Cb platform provides effective security controls and remediation functionality that allows you to better balance your security posture while making it easy to maintain PCI compliance inside and outside of your card data environments.
An additional benefit of the Cb Endpoint Security Platform comes in its additional protections. With these you go beyond what traditional anti-virus and client protection systems provide, such as RAM-scraping malicious software. This is particularly important when handling POS systems, as many retailers use a “set it and forget it” approach to these devices, despite knowing that all of them will at some point process and hold customer data in its memory. Remember the Target security breach? That was the result of a RAM-scraping malware attack. POS devices will remain vulnerable to attack vectors such as this without a next-gen tool like the Carbon Black Cb offering in place.
Introducing IBM QRadar as a next-gen SIEM solution is more than just a good idea. QRadar works as a security analytics tool that collects data and logs from various applications, appliances (i.e. switches and firewalls), network traffic patterns and endpoints. It is able to determine a normal pattern of operation from its innate ability to self-learn and create security rules for your environment. The rules are then applied to the collection data and logs, the results of which are then analyzed using threat detection information. If it detects anything abnormal or malicious, the threat is then meditated.
The beauty of the QRadar tool is that it accomplishes all of this in near real-time, with more than 90% of detected events being handled by intelligence driven automated remediation. This gives retailers a powerful and scalable next-gen SIEM tool that provides real-time data collection, analysis and threat detection remediation.
Engage A Leader
The dynamic and ever-morphing capabilities of today’s malicious software and security attack vectors makes it next to impossible for retailers to continue to build security postures around manual threat detection and remediation processes. In utilizing powerful next-gen SIEM tools like Carbon Black’s Cb Endpoint Security Platform and IBM’s QRadar, retailers now have the ability to get take an innovative security lead. Champion’s partnership and experience in this area makes us a vital partner in deepening and developing a next-gen data security posture. Contact us to speak with an expert today.