January 24, 2018
As 2018 sets up to be a record year of growth for the eCommerce industry, it also sets itself up for another record; increased cyber attacks. Cyber criminals are naturally attracted to markets where they see opportunity and vulnerability and the eCommerce industry fits that profile. According to Richard Mellor, former vice president of loss prevention for the National Retail Federation, “New ideas, concepts, and schemes are developed every day by cybercriminals, and their sophistication often includes virtual escape methods. Therefore, it will be even more important for loss prevention professionals, IT teams and cybersecurity specialists within a retail organization to find the right partners to protect their brand integrity.” Retailers will be faced with finding a balance between capitalizing on the opportunity of increased sales while also making investments that help ensure the protection of their online shoppers’ personal data and the their brand’s reputation.
Let’s dive into the 5 eCommerce stats that wil drive cybersecurity attakcs in 2018.
1. By 2021 e-retail revenues are projected to grow to 4.48 trillion US dollars.
Furthermore, e-retail sales are expected to account for 15.5 percent of total retail sales by 2021. In 2018 alone in the United States eCommerce sales are expected to reach 461 billion, up from 409 billion in 2017. As consumers move towards online retail, it opens up a new venue for hackers to gain access to a trove of consumers’ personal details online.
*image courtesy of statista
2. In 2018, 39.5% of all retail eCommerce is expected to be generated via mobile commerce; up 5% from 2017’s 34.5%.
This number is expected to continue to increase with 53.9% of all retail eCommerce sales predicted to originate from mobile by 2021. With app security vulnerabilities being discovered daily via hackers, it’s imperative that online stores ensure their eCommerce platform has the most strenuous cyber defense practices in place to protect consumers. If your store uses a popular eCommerce platform like Magento, NOP Commerce, WooCommerce, or Shopify, make sure you understand what security comes with your platform and always install the latest updates and patches. Most platforms deliver some basic security features, but it is up the retailer to take measures to secure the site with the many security extensions like BlindHash that are available.
3. According to Symantic, U.S. consumers lost $19.4 billion dollars and about 20 hours of time dealing with the impact of cyber attacks in 2017.
As consumers become more knowledgeable in the area of cybercrime and new regulations are enforced such as GDPR ,which will be enacted in May of this year, online shoppers will demand more from the stores they choose to do business with. Hackers are working 24 hours a day, seven days a week and if they know of a vulnerability that exists they will exploit it. As they turn their eyes on the eCommerce industry, online retailers and the eCommerce industry in general can no longer be complacent and “just get by” with the basic cybersecurity tools they’ve generally used up to this point. Nearly a third of all retailers have suffered revenue loss due to a cyber attack. This number is sure to go up in 2018.
4. Did you know that 29% of your website traffic is there to attack you?
Many website owners feel that their site is too small to be attacked and that no hacker would care enough to breach them. However, this is simply not true. Most website visitors are bots (website robots). These bots don’t care anything about you or your website. They just want to see if they can extort data from your site. In a recent study by non profit security research organization Honeynet, a nearly invisible web server with no domain was attacked more than 250,000 times in 24 hours. It’s no longer a matter of if you will be breached it’s a matter of if you will be ready when you are breached.
5. "Pretty much 99.99 percent of computer security incidents are oversights of solved problems."
While not an official stat, Swift on Security , is right. That’s why it’s important to layer your security to help protect against the various threat vectors hackers are using against your site. Simply having an SSL certificate in place is not enough anymore. As we all learned from the preventable Equifax breach, we must utilize the technology available to protect our consumers and our brand. Good cyber security is the result of doing many things right. Small investments in security understanding and protection can pay big dividends. Telling a client, a board, an investor, a boss, whoever, that a breach or loss of data could have been avoided by installing an inexpensive security extension, is not a position that anyone wants to be in.