WASHINGTON, DC – 26 MAY, 2016- Retail Store Maintenance, the official publication of the Professional Retail Store Maintenance Association features new risks to retail facilities in their May/June 2016 publication. The number one risk identified for retailers is the threat of cyber-attack, with Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC) providing insights into cybersecurity risks as they relate to retail facilities.
RH-ISAC Executive Director Brian Engle explains how retail building and facility management systems can create cybersecurity vulnerabilities. “These systems themselves are not, in isolation, dangerous; it’s their interconnected nature that makes them very, very vulnerable at times.”
“Companies are extending access to remote personnel through what is a legitimate back door. But sometimes those legitimate back doors become the back doors for the bad guys when not properly secured. Too often, the expectation is that security for remote access is taken care of elsewhere, by someone else, when it is not. Ensuring that the proper level of authentication, isolation of systems, and monitoring is required.”
To reduce risk of security breaches in current or new systems, facility managers should:
- Consult with IT
- Choose a supplier that emphasizes security
- Improve system passwords
- Monitor systems activity continually
- Limit access
- Insist on good cybersecurity practices
Wendy Nather, RH-ISAC Research Director, further emphasizes the importance of fighting for your security program. “If you are talking to suppliers or people within your organization about security and somebody is trying to convince you that you’re asking too much, don’t believe them. As a CISO, I used to get told by suppliers all the time that I was the only one asking for this level of security. It’s ok to push back, and in fact, that’s part of your job to push back. We can’t make a change across the industry unless everybody is pushing together,” Nather says.
To read the full article, please visit http://www.nxtbook.com/naylor/PRSS/PRSS0316/index.php#/12
Created by retailers in response to the increased number and sophistication of attacks against the industry, the RH-ISAC is the cybersecurity resource for industry information sharing, and provides another tool in retailers’ arsenal against cyber criminals by sharing leading practices and threat intelligence in safe and secure ways.
To contact the RH-ISAC, please email pr@RH-ISAC.org