Retail IT Professionals More Prepared for Data Breaches | eWeek

Retail IT Professionals More Prepared for Data Breaches

tripwire and it security
Écrit par
Nathan Eddy
Nathan Eddy
Apr 27, 2016
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

One-third of retail IT professionals say a data breach has occurred at their company, according to a Tripwire survey of 200 respondents conducted by Dimensional Research.

Tripwire’s 2016 Retail Security Survey found that 90 percent of the respondents believe they could detect a data breach on critical systems in one week or less. That contrasts with 70 percent in 2014.

The survey also found three-quarters of 2016 respondents believe they could detect a breach within 48 hours, compared with 42 percent in 2014. Retail data breaches involving personally identifiable information (PII) have more than doubled since 2014.

When asked if a data breach occurred at their organization where PII was stolen or accessed by intruders, a third of the respondents said—an increase from 14 percent in 2014.

“The most surprising finding was that the percentage of breach detection products remains stagnant, even among the growing threat landscape that retailers are facing over the same time period,” Travis Smith, senior security researcher at Tripwire, told eWEEK.

The softest spot for many retailers remains to be the implementation of the point of sale network, Smith said.

“An increased level of network access both in and out of the network provides attackers a larger attack surface to both infiltrate and exfiltrate a retailer’s systems,” he said.

Survey results also indicated companies with larger revenues monitor configuration parameters on critical payment assets less frequently.

Sixty-five percent of respondents working for organizations with revenues of less than $100 million check their compliance at least weekly, while 55 percent of respondents with revenues of more than $100 million answered similarly.

“The number of attacks against retailers will continue to rise. The number of successful attacks continues to grow, which is providing incentive for cyber criminals to continue their campaigns,” Smith said. “However, retailers are presented with an opportunity, as the attackers are using similar tactics in each breach.”

Implementing proper network segmentation will reduce the likelihood that an attacker can get into and/or get data out of the point of sale network, he noted.

Implementing host-based security controls such as antivirus, whitelisting and file integrity monitoring will reduce the likelihood that point-of-sale-based malware can successfully be installed and executed on machines targeted by these cyber criminals, he said.

However, implementation of breach detection technology has remained flat—in both 2014 and 2016, 59 percent of the respondents said their breach detection products were only partially or marginally implemented.

Both Tripwire surveys defined breach detection as antivirus software, intrusion detection systems, malware detection, whitelisting and file integrity monitoring.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.