June 20, 2011, 2:16 PM

IRCE 2011 Report: Be prepared for when hackers attack

Retailers can mitigate the effects of an attack with a defined rapid response.

Lead Photo

E-retailers can’t afford to wait until they suffer a data breach to figure out how to deal with such an attack, Chris Pierson, chief privacy officer, senior vice president, Citizens Financial Group, said last week at the Internet Retailer Conference & Exhibition 2011 in San Diego.  “Make sure you have the relationships in place to combat breach,” he said. “Don’t do it on day one of the breach. “

That means that a retailer has to know who will handle all the essential roles, such as who will speak to the media. Doing so can prevent delays in notifying the public, which is often the biggest gripe voiced by consumers affected by a breach, he said. Most of the state and federal laws regarding notification state that merchants should alert the public without undue delay.

“The biggest issue is usually consumers asking, ‘Why did you wait so long to let us know?’” he said. “It’s something every company has to deal with.”

Along with internal employees who should be part of the pre-breach organization process, retailers should also determine whether they’ll also work with a data breach response who can help them navigate the various elements involved in breach response, such as determining what data is at risk and which, if any, customers or entities must be notified pursuant to state laws.

As part of a retailer’s breach preparedness, retailers should also look to every possible means of minimizing their risk for potential fraud. For instance, they should ensure that they use end-to-end encryption, which is the act of encrypting card data throughout the payment lifecycle from the time a card transaction is captured, through processing, and as long as it’s necessary to keep cardholder data on hand.

“You can’t stick your head in the sand,” he said. “You have to be ready.”

comments powered by Disqus

Advertisement

Advertisement

Advertisement

From IR Blogs

FPO

Deepak Agarwal / E-Commerce

Back-to-school insights from a Top 100 online retailer

It’s the second-largest online shopping season, and one nomorerack.com CEO pays close attention to. Here ...

FPO

Kevin Sterneckert / E-Commerce

The ghost economy: an $800 billion retail data disconnect

A new twist on a classic holiday story that online retailers will relive in the ...

Advertisement