‘Tis the season for holiday shopping. Economic forecasters anticipate holiday retail sales will reach a new all-time high in 2019, with U.S. spending set to top $725 billion for the first time in history. The economy is robust, consumer confidence is high, and shoppers are eager to explore great deals and special offers that mark the start of the official holiday retail season.
It’s a critically important time for online retailers: e-commerce sales on Cyber Monday alone are predicted to exceed $9 billion this year. And, this single day can make or break your business’s profitability over the holiday season. Offering website visitors superb and safe digital experience is imperative, as you need to make sure your customers can trust you to keep their personal and payment information secure.
According to analysts’ reports, cybercriminal activity spikes during the holiday shopping season. Global organizations saw an increase of almost 60% in the number of cyberattacks they faced over the holidays in 2017, and experts anticipate that the pattern will be repeated again this year.
It’s only logical: as cybercriminals grow more professionalized and sophisticated, they seek to time their exploits to give them the greatest chances of success. During the holidays, retail businesses often find their employees stretched thin because they’re attempting to monitor increased traffic, serve a larger number of customers, and cope with a greater volume of sales than usual. So they may be less vigilant.
At the same time, rushed consumers may be less careful about guarding themselves against phishing attempts, or less wary of downloading malware. And greater volumes of website traffic may conceal bot-initiated activities like checkout abuse and gift card fraud, or make it easier for distributed denial of service (DDoS) attacks to cause sites to crash or perform poorly.
Here are four quick tips to help you protect your business and brand reputation from cyberattacks this holiday season.
#1: Exercise vigilance
It might be the most wonderful time of the year, but it should also be your most watchful time of the year. With e-commerce site traffic at peak volumes, it’s especially important to be sure that accurate log data is being collected so you can keep tabs on user activities, customer data handling, application behavior and threats or anomalous activities on your network. It’s also critical to ensure that these systems are being actively monitored.
If your internal IT or security team isn’t able to keep up with increased number of infrastructure monitoring tasks, you can engage with a managed detection and response service provider to expand your capabilities and enhance your ability to respond to the most recently discovered, covert, and dangerous threats.
#2: Get smart about social engineering
Longtime customers and casual website visitors alike will appreciate your efforts to keep their financial data safe. Be on the lookout for fraudulent sites making use of URLs similar to your website’s, and be sure to report any illegitimate use of your company’s logo or other branding to the FBI. You’ll also want to ensure that your website is free of malware and proactively protected against common attack techniques. It’s helpful to give customers who are subscribed to your email newsletter tips on how to check that a website is authentic. An easy way to demonstrate your own site’s safety is to display a Trust Seal advertising its protected status.
#3: Be proactive about finding and fixing web application vulnerabilities
It’s wise to perform regular vulnerability scans on all your customer-facing web applications, but if you want to be better prepared to face holiday season threats, consider scheduling external penetration testing. Professional security experts can help you identify and remediate vulnerabilities that you might otherwise have missed, and can do so before website traffic reaches its holiday peak.
#4: Don’t be too trusting
It’s never a bad time of year to make the shift from a “default allow” architecture to a zero trust approach to IT security, but it’s especially important to change your mindset about how to treat unverified executable files, and data packets of unknown origin during the holidays. Look for a comprehensive breach prevention platform that can deliver protection across your endpoints, applications, and full computing environment seamlessly and without allowing files to execute unless they’re guaranteed safe.
To learn more about how Comodo’s comprehensive portfolio of integrated security solutions can keep your e-commerce business secure this holiday season, contact us to schedule a free demonstration, today.
TEST YOUR EMAIL SECURITY GET YOUR INSTANT SECURITY SCORECARD FOR FREE