June 20, 2011, 2:16 PM

IRCE 2011 Report: Be prepared for when hackers attack

Retailers can mitigate the effects of an attack with a defined rapid response.

Zak Stambor

Managing Editor

Lead Photo

E-retailers can’t afford to wait until they suffer a data breach to figure out how to deal with such an attack, Chris Pierson, chief privacy officer, senior vice president, Citizens Financial Group, said last week at the Internet Retailer Conference & Exhibition 2011 in San Diego.  “Make sure you have the relationships in place to combat breach,” he said. “Don’t do it on day one of the breach. “

That means that a retailer has to know who will handle all the essential roles, such as who will speak to the media. Doing so can prevent delays in notifying the public, which is often the biggest gripe voiced by consumers affected by a breach, he said. Most of the state and federal laws regarding notification state that merchants should alert the public without undue delay.

“The biggest issue is usually consumers asking, ‘Why did you wait so long to let us know?’” he said. “It’s something every company has to deal with.”

Along with internal employees who should be part of the pre-breach organization process, retailers should also determine whether they’ll also work with a data breach response who can help them navigate the various elements involved in breach response, such as determining what data is at risk and which, if any, customers or entities must be notified pursuant to state laws.

As part of a retailer’s breach preparedness, retailers should also look to every possible means of minimizing their risk for potential fraud. For instance, they should ensure that they use end-to-end encryption, which is the act of encrypting card data throughout the payment lifecycle from the time a card transaction is captured, through processing, and as long as it’s necessary to keep cardholder data on hand.

“You can’t stick your head in the sand,” he said. “You have to be ready.”


Sign In to Make a Comment

Comments are moderated by Internet Retailer and can be removed.

Not a member? Signup for free today!




Relevant Commentary


Jason Squardo / Mobile Commerce

Five tips for achieving high mobile search rankings

Searches on mobile devices will soon exceed those on computers, Google says. Retailers that keep ...


Sergio Pereira / B2B E-Commerce

Quill turns to its B2B customers for new ideas

Coming in April is a new section of Quill.com that will let customers and Quill ...