In today’s evolving digital market, the retail industry is a prime hunting ground for cyber criminals. New payment technologies are disrupting the retail ecosystem and transforming the way customers shop, whether it’s online, via mobile or in-store. These technologies also introduce new entry points for cyber criminals, who are using various techniques to slip past legacy security solutions and security teams with ease. Traditionally, retailers are known for storing critical transactional data. In addition, they are now storing large volumes of business-related data pertinent to operations, business management, procurement, logistics and more.
When there is valuable information to be had and profit to be made, cyber criminals aren’t far behind.
The retail industry continues to be a victim
Data from recent CrowdStrike research showed that in 2017, retailers were among the most preferred prey for cyber criminals seeking money or customer data. Today’s attackers aren’t just relying on traditional attack vectors like malware to get into the environment — new trends including credential theft and advanced exploits mean that legacy antivirus solutions no longer suffice in protecting against targeted attacks.
While customers can be hesitant to share their information online, people don’t think twice about handing over their credit card details when they’re shopping.
The risk here is that point of sale (POS) terminals are ripe with valuable payment data, which attracts cyber criminals. Attackers plant malware on POS systems primarily to steal customer payment data.
Over the last three years, there have been highly publicised attacks against a number of global retailers and hotel groups. Australian retailers should take these examples as a warning to continually evaluate their security platforms to ensure they can detect, prevent and respond to attacks before they become a serious issue.
Best practices for retailers
There are multiple cyber practices and tools that can help retailers build a stronger defence system. It’s critical to implement a solution that gives retail businesses real-time visibility into what is happening in their network, so they can identify and mitigate an intrusion before it becomes a breach.
CrowdStrike identified that in 2017, the average attacker’s breakout time was one hour and 58 minutes, and it’s getting narrower each month.
This means that once an intruder compromises a network, they can move laterally to other machines within that network in less than two hours.
Defenders, in this case retailers, have a very small window of time to first detect the threat and then contain an incident before it becomes a breach.
Retailers also need to evaluate third party suppliers and business partners based on the risk they present to the business in order to prevent supply chain vulnerabilities.
Attackers are increasingly targeting the IT supply chain and partner networks, since they generally have fewer security controls in place. Self-certification processes are proving less reliable, so retailers should shift to proactive cyber-risk monitoring and mitigation with suppliers to neutralise third party risk.
There are multiple other basic cyber hygiene practices that retailers should easily be able to adopt for more robust security:
Next-generation antivirus (NGAV) is critical to being able to detect and prevent malware on a POS terminal. Unlike traditional AV prevention, effective NGAV does not rely on constant, reactive signature updates, allowing businesses to detect and stop never-before-seen attacks.
Determine where your most sensitive data or networks are located and implement endpoint detection and response technology. Focus your limited resources on those areas of the network that are most vital to the health of your business. This will enable you to identify irregular activity and eliminate ‘silent failure’ – the gap between when an infection begins and when it’s discovered. Any and all connections to the internet from your retail corporate environment should be monitored to identify data leaving the network.
Default passwords, especially for hardware devices, can allow direct access to critical data. Extra care should be taken to require strong passwords for all users, including default or built-in accounts. Identity and credential management is critical to doing just that.
Patching operating systems and third party applications is one of the most inexpensive and effective ways to harden a network, leaving your resources to be better spent on detecting advanced adversaries. By building a strong patch management process, you can ensure critical security patches are installed as soon as possible.
The retail industry moving forward
For retailers, bolstering cyber security isn’t only critical to reducing risk, it’s important in ensuring customer loyalty. On average, the total cost of hacking to an affected Australian company is more than $2.5 million, much of which is the result of negative headlines and damaged reputation.
When it comes to navigating the digital waters, it’s just as important for retailers to protect themselves against evolving cyber threats as it is to embrace the latest innovation in payment technology. As attackers continually adapt their techniques to take advantage of ineffective antivirus solutions, retailers must evolve their security platforms to withstand a potential attack or recover quickly, should one occur.
Michael is the VP of technology strategy for CrowdStrike.