• Advertise
  • Contact Us
  • About Us
  • Supplier Directory
  • Login
  • Subscribe
  • Logout
  • My Profile

  • CORONAVIRUS
  • LOGISTICS
    • Air Cargo
    • All Logistics
    • Express/Small Shipments
    • Facility Location Planning
    • Freight Forwarding/Customs Brokerage
    • Global Gateways
    • Global Logistics
    • Last Mile Delivery
    • Logistics Outsourcing
    • LTL/Truckload Services
    • Ocean Transportation
    • Rail & Intermodal
    • Reverse Logistics
    • Service Parts Management
    • Transportation & Distribution
  • TECHNOLOGY
    • All Technology
    • Artificial Intelligence
    • Cloud & On-Demand Systems
    • Data Management
    • ERP & Enterprise Systems
    • Forecasting & Demand Planning
    • Global Trade Management
    • Inventory Planning/ Optimization
    • Product Lifecycle Management
    • Sales & Operations Planning
    • SC Finance & Revenue Management
    • SC Planning & Optimization
    • Sourcing/Procurement/SRM
    • Supply Chain Visibility
    • Transportation Management
  • GENERAL SCM
    • Business Strategy Alignment
    • Education & Professional Development
    • Global Supply Chain Management
    • Global Trade & Economics
    • HR & Labor Management
    • Quality & Metrics
    • Regulation & Compliance
    • SC Security & Risk Mgmt
    • Sustainability & Corporate Social Responsibility
  • WAREHOUSING
    • All Warehouse Services
    • Conveyors & Sortation
    • Lift Trucks & AGVs
    • Order Fulfillment
    • Packaging
    • RFID, Barcode, Mobility & Voice
    • Robotics
    • Warehouse Management Systems
  • INDUSTRIES
    • Aerospace & Defense
    • Apparel
    • Automotive
    • Chemicals & Energy
    • Consumer Packaged Goods
    • E-Commerce/Omni-Channel
    • Food & Beverage
    • Healthcare
    • High-Tech/Electronics
    • Industrial Manufacturing
    • Pharmaceutical/Biotech
    • Retail
  • REGIONS
    • Asia Pacific
    • Canada
    • China
    • Europe
    • Latin America
    • Middle East/Africa
    • North America
  • THINK TANK
  • PODCASTS
  • VIDEOS
  • WHITEPAPERS
Home » One Third of Retail Breaches Begin With Third-Party Vulnerabilities, Study Finds

One Third of Retail Breaches Begin With Third-Party Vulnerabilities, Study Finds

November 20, 2014
BitSight Technologies

That's the finding of research released by BitSight Technologies, which
measured the security performance of 300 major U.S. retailers from Nov. 1, 2013 to Nov. 1, 2014.

"While it's encouraging that a majority of the breached retailers have improved their security effectiveness, there is more work to be done, especially in the area of vendor risk management," said Stephen Boyer, co-founder and CTO of BitSight. "This trend in retail highlights the importance of proactive measures such as industry and peer benchmarking, as well as continuous monitoring of one's supply
chain. We are seeing retail take steps in the right direction, with the formation of the Retail Information Sharing and Analysis Center to increase intelligence sharing among retailers in the U.S., but more improvements are needed."

The BitSight platform uses publicly available data to rate the security performance of an organization on a daily basis. Observed security events and configurations, such as communication with a botnet, malware distribution, and email server configuration, are assessed for severity, frequency and duration and used to generate objective security ratings. BitSight security ratings range from 250 to 900, with higher ratings equating to higher security performance.

BitSight uses a wide breadth of high-quality publicly available security data to calculate security ratings data on specific companies and industries.

Other key findings include:

--  Retail still under wide scale attack - Of the 300 major U.S. retailers     analyzed by BitSight from Nov. 2013 to Nov. 2014, 58 percent experienced a decline in overall security performance with an average 90-point decrease. The 34 percent of retailers that improved saw an average 70-point increase, while eight percent of retailers saw no net change in their Security Ratings over the past year.

--  Retailers breached in the last year see improvement - BitSight analyzed the security performance of 20 large retailers that had a high-profile breach within the last year. Of these retailers, nearly 75 percent saw an average increase of 50 points to their security rating score, since the point of their breach.

--  Securing the supply chain remains a big challenge - BitSight observed     that nearly a third of all breaches in the retail sector began with a compromise at a third-party vendor. Retailers share sensitive data with hundreds to thousands of business partners globally; organizations can take steps in securing their own networks, but ignoring risks posed by third-party partners can leave them exposed   and vulnerable to breaches.

--  Infection increases in almost all threat vectors - In the span of a year, the retail industry on average suffered from an increase in infections in every individual threat indicator monitored by BitSight, with the exception of spam propagation. Malware distribution accounted for the largest increase, followed by botnet infections.

Source: BitSight Technologies

RELATED CONTENT

RELATED VIDEOS

Global Supply Chain Management SC Security & Risk Mgmt Food & Beverage Retail
KEYWORDS BitSight Technologies Data Breach Food and Beverage Global Supply Chain Management Retail Retail Information Sharing and Analysis Center retail supply chain SC Security & Risk Mgmt Supply Chain Analysis & Consulting Supply Chain Management: Retail Supply Chain Risk Management
  • Related Articles

    Third of Shoppers Don't Trust Retailers with Their Personal Information, Study Says

    Organizers of Third-Party Logistics Study Want Your Participation

    A Third of Firms Don't Comply With Slavery Law, Survey Finds

  • Related Events

    How Every Shipper Can Benefit from Modern Drop-and-Hook: Four ways to get nationwide, flexible, and quality drop capacity with unparalleled visibility

BitSight Technologies

One Third of Retail Breaches Begin With Third-Party Vulnerabilities, Study Finds

More from this author

Wake up to Coronavirus Updates and the latest Supply Chain News!

Subscribe to our Daily Newsletter

Timely, incisive articles delivered directly to your inbox.

Popular Stories

  • Coronavirus-watch-Armada

    Virus Update: Biden’s 100 Million Doses ‘Doable’ in 100 Days; China to Donate 500,000 Doses to Philippines

    Coronavirus
  • U.S. and China Trade

    How China Won Trump’s Trade War and Got Americans to Foot the Bill

    Global Supply Chain Management
  • Obtaining Adequate Supplies of PPE in the Pandemic

    Watch: Obtaining Adequate Supplies of PPE in the Pandemic

    Coronavirus
  • AT&T

    How the Pandemic Has Altered AT&T’s Global Sourcing Strategy

    Coronavirus
  • Grocery Supply Chain

    Can Smaller Grocers Survive the E-Commerce Game?

    Coronavirus

Digital Edition

Scb home issue 27

2020 Supply Chain Innovator of the Year

VIEW THE LATEST ISSUE

Case Studies

  • LSP Saves Customer $1.5 Million a Year With MPO Global Inbound Management

  • Auto Supplier Wows Key Client Using riskmethods Supply Chain Savvy

  • Integrating Shipping and Compliance Saves Conglomerate Millions

  • How a Consumer Goods Giant Upped Its On-Time Delivery Performance

  • LSP Wows Global Client, Quickly Advances to Become End-to-End Provider

Visit Our Sponsors

6 River Systems ArcBest Armada
aThingz BluJay Burris Logistics
DSC Logistics DCSA (Digital Container Shipping Association) DHL Resilience360
Genpact GEP Honeywell Intelligrated
Infor Logility Magnitude Software
MPO Old Dominion Oliver Wight
OpenSky Ports America Purolator
QAD Precision Red Classic Riskmethods
TGW Systems Transportation Insights Watson Land Company
Westfalia Technologies Workjam Yang Ming
  • More From SCB
    • Featured Content
    • Video Library
    • Think Tank Blog
    • SupplyChainBrain Podcast
    • Whitepapers
    • Webinars
  • Digital Offerings
    • Digital Issue
    • Subscribe
    • Manage Your Subscription
    • Newsletters
  • Resources
    • Events Calendar
    • SCB's Great Supply Chain Partners
    • Supplier Directory
    • Case Study Showcase
    • Supply Chain Innovation Awards
    • 100 Great Partners Form
  • SCB Corporate
    • Advertise on SCB.COM
    • About Us
    • Privacy Policy
    • Contact Us
    • Data Sharing Opt-Out

All content copyright © 2016 - 2018 Keller International Publishing Corp All rights reserved. No reproduction, transmission or display is permitted without the written permissions of Keller International Publishing Corp

Design, CMS, Hosting & Web Development :: ePublishing