NRF has partnered with leaders of the cybersecurity industry including members of the NRF Cybersecurity Industry Partners to share research, whitepapers and other resources for retail leaders.
More consumers than ever before are using online options to engage with consumer-facing companies in our pandemic-altered environment, underscoring the ongoing importance of cybersecurity. PwC's annual survey of business and technology executives reveals that cybersecurity is now infused throughout the organization to increase resilience and fend off attacks. Here's what we learned.
Powered by PwC.
When facing a potential breach, there are clear steps to take. Whether you are a board member, a business, technology or security executive, it is important to enable cross-functional collaboration to support a coordinated response. Hear from our cyber leaders as they share real-time insights on the recent cyber attacks.
Powered by PwC.
The way you manage your customers' digital identities is part of the quality of their total experience with your brand. Here's why both business executives and IT pros should care.
Powered by PwC.
Faced with workplace challenges brought on by COVID-19, retail employers must look to new cybersecurity to protect business and customer data. Though not a new concern, data security is becoming continually more important, so hiring the right cyber talent is essential. The retail industry can create new and cost-effective avenues toward bridging the cybersecurity workforce gap and help new candidates enter these critical occupations by leveraging this proven training model as a method to accelerate education, credentialing, and ultimate employment.
In partnership with the Purdue Cyber Apprenticeship Program.
Over the past few years, organizations have migrated their software supply chain operations to the cloud. In doing so, they face cybersecurity risks across various stages of the Software Supply Chain (SSC) lifecycle and are seeking cybersecurity best practices and frameworks. Cloud-based SSCs bring specific benefits to the table, but they also carry risks. Managing these risks will require a pragmatic approach to end-to-end cybersecurity. Learn more in this joint paper from PwC and Microsoft.
Powered by PwC
PwC’s Digital Trust Insights Pulse Survey of 141 security and information leaders is akin to an after-action report on the first responses to the COVID-19 pandemic. How did they weather this extreme test of resilience? How are they rethinking their strategy and investments going forward? Today, CISOs and CIOs are adjusting to a different future. All but 2% of CISOs/CIOs plan shifts in cyber strategy.
Powered by PwC
It’s urgent to check on your cybersecurity insurance coverage now. The COVID-19 crisis, the worst recession in a century and social upheavals create fertile ground for more cyber attacks. And while the cyber insurance market is young, it's developing quickly. But the wrong kind or amount of coverage could be worse than having none at all. A false sense of confidence could end up costing your business more — or cause you to lose it altogether. Read on to find out if your coverage is right for your business.
Powered by PwC
As digital commerce in the U.S. grows, criminals are employing increasingly sophisticated tools to exploit points of weakness throughout the consumer journey. Prepare yourself to confront this threat with our new e-book. In 5 steps, we walk through how to begin building an insights-based digital security strategy that also improves the user experience. Each Step includes a useful checklist or real examples of impact to help you get started.
In Partnership with Mastercard.
This whitepaper will provide you with a view on what smart building owners should be aware of while in the selection process for new suppliers. It will touch on who is responsible for cybersecurity and will delvel into what could be done to be prepare for cyber threats in times of unrest due to environmental conditions. Moreover, the reader will have a glimpse on how emerging technologies play a crucial role in maintaining secure environments specially when coupled with strong polices and protocols. Ultimately, the reader will have a better understanding about cybersecurity and how to start to take a more proactive role in selecting, specifying and deploying physical security systems.
In partnership Johnson Controls - Tyco.
2020 has upended traditional commerce. While some models are failing, eCommerce channels have seen striking – and unexpected – growth. That growth, and the adoption of new models, means more fraud, chargebacks, and manual reviews, but without new resources. Every department is under pressure to grow ecommerce revenues, minimize damages from fraud and chargebacks, streamline operational costs, and deliver an exceptional customer experience. In short, businesses need to do more with fewer resources.
In partnership with Kount.
As retailers bring employees back to workplaces in the wake of COVID-19, a vaccine is still unavailable. Contact tracing in some form will be a key strategy to manage employees' health status and movements, preventing flare-ups in their facilities. But privacy specialists worry that without a national privacy law in place, contact tracing could gather more personal data on Americans than they realize. This article explores the possibility of a law and the related privacy implications.
Powered by PwC.
This paper explores why organizations innovating in the cloud must address security issues before runtime. By proactively incorporating security and compliance through infrastructure as code templates much earlier in the CI/CD pipeline, security teams create better security experiences for DevOps teams, increase participation in and quality of security, and improve product security and quality.
In partnership with DivvyCloud.
This guide offers information for retailers seeking to achieve the full benefits of cloud while ensuring security and compliance. It frames the challenges that many retailers face and explains how to build a roadmap to security and compliance using culture, frameworks, and systems.
In partnership with DivvyCloud.
This report looks at the retail industry’s use of cloud services and examines the risks associated with migrating to cloud environments. It provides recommendations on how retailers can mitigate these risks, through tools and processes such as data inventories, strong identity and access management practices, data encryption and the use of cloud-based security tools.
In partnership with The Chertoff Group.
Privacy regulation may sound onerous, but it doesn’t have to be. With the right approach, retailers and consumer-packaged goods (CPG) companies can deploy the latest data gathering and analysis tools, meet or exceed customer expectations for personalization and privacy, and comply with regulatory demands.
Powered by PwC.
Only half of US businesses affected by the California Consumer Privacy Act of 2018 expect to be compliant by the 2020 deadline, according to a PwC survey of more than 300 executives at US companies with revenues of $500 million or more. Fewer than half of retailers count themselves among those that expect to be compliant in time.
Powered by PwC.
To make the most of the Fourth Industrial Revolution (4IR), companies must listen closely to their customers and employees. From smartwatches that measure your heart rate to artificial intelligence (AI) that monitors your bank account, digital technologies are changing our lives at home and at work. Consumer and employee comfort with—and trust in—4IR technologies will likely determine the potential opportunities for growth and efficiencies that these technologies can offer businesses. Indeed, PwC’s Consumer Intelligence Series found that while 4IR—also known as Industry 4.0—may be everywhere, not everyone is yet fully on board.
Powered by PwC
One way in which businesses have reacted to the rise in fraud (and the resulting loss of customer trust) is by requiring users to make their passwords more complex. However, to create a passwordless experience for your customers, the challenge is to not let the threat of breaches lull you into the false comfort of forcing stricter password regulations. Passwordless authentication starts with having the proper user context. Check out this interactive page to better understand the challenge between password frustrations vs. passwordless bliss and how IBM Security can help with your Digital Identity Trust journey.
Powered by IBM
Mega data breaches are a growing problem and they aren't going away or getting any cheaper. How much would a data breach cost your organization? The average cost for a Retail organization in the United States is $6.4M, according to the 2019 Cost of a Data Breach Study by the Ponemon Institute sponsored by IBM. Click here to read the full 2019 report and learn insights specific to the Retail industry.
Powered by IBM
Fourteen months after the EU's General Data Protection Regulation (GDPR) took effect, the world of data privacy has shifted its focus from guidance to stepped-up enforcement. The large fines on three multinationals levied by two data protection authorities (DPAs) in 2019 are just the beginning. Will 2020 also mark the shift to consumers exercising their rights over their data?
Powered by PwC
Data discovery solutions like Echosec enable retailers to find relevant threat data faster in a variety of online spaces. The company offers social media, deep web, and dark web monitoring tools, as well as a platform API that gives retailers direct access to data sources that are not searchable through most other commercial and official APIs. These solutions are focused on quickly gathering and assessing relevant threat intelligence from a variety of sources using AI and machine learning technology. This enables security teams to efficiently prevent, mitigate, and react to the major threats facing retailers today.
Powered by Echosec
With attacks on eCommerce websites on the rise, ensuring that your customers’ payment and personal information is protected should be a priority if you want to avoid the implications of a data breach.
Download this white paper to learn more about:
- Attacks on eCommerce websites including Magecart and Formjacking attacks
- Approaches to mitigating website client-side attacks
- Major implications of targeted attacks
- Monitoring and detection methods
Powered by Source Defense