• Advertise
  • Contact Us
  • About Us
  • Supplier Directory
  • SCB YouTube
  • Login
  • Subscribe
  • Logout
  • My Profile
  • LOGISTICS
    • Air Cargo
    • All Logistics
    • Express/Small Shipments
    • Facility Location Planning
    • Freight Forwarding/Customs Brokerage
    • Global Gateways
    • Global Logistics
    • Last Mile Delivery
    • Logistics Outsourcing
    • LTL/Truckload Services
    • Ocean Transportation
    • Rail & Intermodal
    • Reverse Logistics
    • Service Parts Management
    • Transportation & Distribution
  • TECHNOLOGY
    • All Technology
    • Artificial Intelligence
    • Cloud & On-Demand Systems
    • Data Management (Big Data/IoT/Blockchain)
    • ERP & Enterprise Systems
    • Forecasting & Demand Planning
    • Global Trade Management
    • Inventory Planning/ Optimization
    • Product Lifecycle Management
    • Sales & Operations Planning
    • SC Finance & Revenue Management
    • SC Planning & Optimization
    • Sourcing/Procurement/SRM
    • Supply Chain Visibility
    • Transportation Management
  • GENERAL SCM
    • Business Strategy Alignment
    • Education & Professional Development
    • Global Supply Chain Management
    • Global Trade & Economics
    • HR & Labor Management
    • Quality & Metrics
    • Regulation & Compliance
    • SC Security & Risk Mgmt
    • Supply Chains in Crisis
    • Sustainability & Corporate Social Responsibility
  • WAREHOUSING
    • All Warehouse Services
    • Conveyors & Sortation
    • Lift Trucks & AGVs
    • Order Fulfillment
    • Packaging
    • RFID, Barcode, Mobility & Voice
    • Robotics
    • Warehouse Management Systems
  • INDUSTRIES
    • Aerospace & Defense
    • Apparel
    • Automotive
    • Chemicals & Energy
    • Consumer Packaged Goods
    • E-Commerce/Omni-Channel
    • Food & Beverage
    • Healthcare
    • High-Tech/Electronics
    • Industrial Manufacturing
    • Pharmaceutical/Biotech
    • Retail
  • THINK TANK
  • WEBINARS
    • On-Demand Webinars
    • Upcoming Webinars
    • Webinar Library
  • PODCASTS
  • VIDEOS
  • WHITEPAPERS
Home » One Third of Retail Breaches Begin With Third-Party Vulnerabilities, Study Finds

One Third of Retail Breaches Begin With Third-Party Vulnerabilities, Study Finds

November 20, 2014
BitSight Technologies

That's the finding of research released by BitSight Technologies, which
measured the security performance of 300 major U.S. retailers from Nov. 1, 2013 to Nov. 1, 2014.

"While it's encouraging that a majority of the breached retailers have improved their security effectiveness, there is more work to be done, especially in the area of vendor risk management," said Stephen Boyer, co-founder and CTO of BitSight. "This trend in retail highlights the importance of proactive measures such as industry and peer benchmarking, as well as continuous monitoring of one's supply
chain. We are seeing retail take steps in the right direction, with the formation of the Retail Information Sharing and Analysis Center to increase intelligence sharing among retailers in the U.S., but more improvements are needed."

The BitSight platform uses publicly available data to rate the security performance of an organization on a daily basis. Observed security events and configurations, such as communication with a botnet, malware distribution, and email server configuration, are assessed for severity, frequency and duration and used to generate objective security ratings. BitSight security ratings range from 250 to 900, with higher ratings equating to higher security performance.

BitSight uses a wide breadth of high-quality publicly available security data to calculate security ratings data on specific companies and industries.

Other key findings include:

--  Retail still under wide scale attack - Of the 300 major U.S. retailers     analyzed by BitSight from Nov. 2013 to Nov. 2014, 58 percent experienced a decline in overall security performance with an average 90-point decrease. The 34 percent of retailers that improved saw an average 70-point increase, while eight percent of retailers saw no net change in their Security Ratings over the past year.

--  Retailers breached in the last year see improvement - BitSight analyzed the security performance of 20 large retailers that had a high-profile breach within the last year. Of these retailers, nearly 75 percent saw an average increase of 50 points to their security rating score, since the point of their breach.

--  Securing the supply chain remains a big challenge - BitSight observed     that nearly a third of all breaches in the retail sector began with a compromise at a third-party vendor. Retailers share sensitive data with hundreds to thousands of business partners globally; organizations can take steps in securing their own networks, but ignoring risks posed by third-party partners can leave them exposed   and vulnerable to breaches.

--  Infection increases in almost all threat vectors - In the span of a year, the retail industry on average suffered from an increase in infections in every individual threat indicator monitored by BitSight, with the exception of spam propagation. Malware distribution accounted for the largest increase, followed by botnet infections.

Source: BitSight Technologies

RELATED CONTENT

RELATED VIDEOS

Global Supply Chain Management Supply Chain Security & Risk Mgmt Food & Beverage Retail
KEYWORDS BitSight Technologies Data Breach Food and Beverage Global Supply Chain Management Retail Retail Information Sharing and Analysis Center retail supply chain SC Security & Risk Mgmt Supply Chain Analysis & Consulting Supply Chain Management: Retail Supply Chain Risk Management
  • Related Articles

    Third of Shoppers Don't Trust Retailers with Their Personal Information, Study Says

    Organizers of Third-Party Logistics Study Want Your Participation

    A Third of Firms Don't Comply With Slavery Law, Survey Finds

BitSight Technologies

More from this author

Subscribe to our Daily Newsletter!

Timely, incisive articles delivered directly to your inbox.

Popular Stories

  • DOCUMENTS BEARING THE INSIGNIA OF US CUSTOMS AND BORDER PROTECTION LIE ON A TABLE

    New CBP Regs Call for Greater Diligence by Brokers in Reporting Security Breaches

    Freight Forwarding/Customs Brokerage
  • A WORKER IN A WAREHOUSE, SUPERIMPOSED WITH GRAPHICS SHOWING SUPPLY NETWORK

    Enabling Intelligent Visibility With Supply Chain Analytics

    Data Management (Big Data/IoT/Blockchain)
  • A GROUP OF WORKERS RANGED IN AN OFFICE, OF DIVERSE RACE, GENDER, AGE AND PHYSICAL ABILITY

    Podcast | The Supply Chain Workforce of the Future Is Already Here

    HR & Labor Management
  • GSCMS-Promo.png

    Watch: Introducing the Global Supply Chain Marketing Summit

    Education & Professional Development
  • A HAND TURNS A LARGE, LIGHTED DIAL WITH THE WORD RISK ON IT iStock-NicoElNino-1364371014.jpg

    Measuring KPIs and KRIs for Comprehensive Supplier Performance Management

    Technology

Digital Edition

Scb nov 2022 sm

2022 Supply Chain Innovator of the Year

VIEW THE LATEST ISSUE

Case Studies

  • New Revenue for Cloud-Based TMS that Embeds Orderful’s Modern EDI Platform

  • Convenience Store Client Maximizes Profit and Improves Customer Service

  • A Digitally Native Footwear Brand Finds Rapid Fulfillment

  • Expanding Apparel Brand Scales Seamlessly with E-Commerce Technology

  • How a Global LSP Scaled its Security Program and Won More Business

Visit Our Sponsors

Orderful Yang Ming Alithya
Barcoding Blue Yonder BNSF Logistics
CoEnterprise Data Capture Deposco
E2open GAINSystems Generix
Geodis GEP GreyOrange
Here Honeywell Intelligrated IFM
Infor Inmar Keelvar
Kinaxis Korber Lean Solutions Group 2H
Liberty SBF Locus Robotics Logility
LogistiVIEW Lucas Systems MCA Connect
MPO Nvidia Old Dominion
OpenText ORTEC Overhaul
Parsyl PMMI QIMA
Redwood Logistics Ryder E-commerce by Whiplash Saddle Creek Logistics
Schneider Dedicated Setlog Holding AG Ship4WD
Shipwell Tecsys TGW Systems
Thomson Reuters Tive Trailer Bridge
Vecna Robotics Verity
Verusen
  • More From SCB
    • Featured Content
    • Video Library
    • Think Tank Blog
    • SupplyChainBrain Podcast
    • Whitepapers
    • On-Demand Webinars
    • Upcoming Webinars
  • Digital Offerings
    • Digital Issue
    • Subscribe
    • Manage Your Subscription
    • Newsletters
  • Resources
    • Events Calendar
    • SCB's Great Supply Chain Partners
    • Supplier Directory
    • Case Study Showcase
    • Supply Chain Innovation Awards
    • 100 Great Partners Form
  • SCB Corporate
    • Advertise on SCB.COM
    • About Us
    • Privacy Policy
    • Contact Us
    • Data Sharing Opt-Out

All content copyright ©2023 Keller International Publishing Corp All rights reserved. No reproduction, transmission or display is permitted without the written permissions of Keller International Publishing Corp

Design, CMS, Hosting & Web Development :: ePublishing