British retailers can learn lessons from US identity hack
A senior US security executive has said retailers should not simply ‘plug holes’ from previous incidents, but instead get ahead of the problem.
A senior security executive has said that British retailers can learn lessons from the biggest identity hack case ever' - where 130 million credit and debit card numbers were stolen.
Chris Young, vice president for products at RSA, told IT PRO that retailers should not simply plug holes that they've seen in previous attacks, but rather get in front of the problems by identifying risk and putting policies in place.
"It's dangerous to chase incidents, if you are a retailer or anything else," he said. "What retailers need to do is learn from the incidents that have happened, but it's really about taking a step back and figuring out where do you have you greatest sources of risk.
One technology that companies were already using to protect data was enterprise-wide key management', where the right information was encrypted and the keys to it managed centrally.
He said that in many cases he was seeing retailers going a step further, such as with data-masking', where sensitive information was replaced with realistic false information.
Technology like this is used more in the UK and US, which Young said was due to the "size of the economies" that made retailers located there bigger targets. Also, the use of credit was much more pervasive there than around the world.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now