Executive Briefings

Retailers' IT Security Initiatives Criticized as 'Window Dressing'

It's been a year since Target's data breach and retailers are still vulnerable even as the busiest shopping season kicks into high gear, warn security experts, largely due to a lack of focus on asset management.

IT spending among retailers reached roughly $70bn in 2014, according to Barbara Rembiesa, CEO of the International Association of Information Technology Asset Managers. And still breaches continue with more shopper data stolen in 2014 than any previous year.

It's a pattern likely to continue in 2015 as long as companies focus on window-dressing IT security solutions that fall short by failing to include a solid foundation of IT asset management, Rembiesa said: "The Target debacle triggered an 8 percent increase in spending on 'IT security' but did very little to slow down the tide of major data breaches. The reality is that companies that have taken these steps are treating the symptoms but not the underlying problems. By focusing only on narrowly focused and superficial IT security 'solutions,' companies are putting the cart before the horse and they're going nowhere."

Retailers should be assessing security systems in a methodical manner, one that assesses priorities above costs, particularly when it comes to assessing third-party vendors (the source of Target's breach).

Read Full Article

IT spending among retailers reached roughly $70bn in 2014, according to Barbara Rembiesa, CEO of the International Association of Information Technology Asset Managers. And still breaches continue with more shopper data stolen in 2014 than any previous year.

It's a pattern likely to continue in 2015 as long as companies focus on window-dressing IT security solutions that fall short by failing to include a solid foundation of IT asset management, Rembiesa said: "The Target debacle triggered an 8 percent increase in spending on 'IT security' but did very little to slow down the tide of major data breaches. The reality is that companies that have taken these steps are treating the symptoms but not the underlying problems. By focusing only on narrowly focused and superficial IT security 'solutions,' companies are putting the cart before the horse and they're going nowhere."

Retailers should be assessing security systems in a methodical manner, one that assesses priorities above costs, particularly when it comes to assessing third-party vendors (the source of Target's breach).

Read Full Article