Join our panel during Black Hat 2024 – Blurred Lines: Investigating the Convergence of Internal and External Threats



Insider Risk Insights - DTEX Blog

Say it Ain’t So Mom! Back to School Shopping & Retail Cybersecurity

Retail cybersecurity insider risk management blog post

Yep, it’s the time of year every kid loves, but hates more…Time to start back to school shopping.

Major transformations to living, working, and learning environments have altered consumer shopping habits drastically over the last few years. These changes in behavior parallel the types of cybersecurity risks impacting employees and organizations.

We previously highlighted the vulnerabilities that result from the mixing of personal and corporate devices. Today, we explore the larger retail industry trends impacting internal and external security risks.

With the rise of e-commerce and hybrid work, retailers face the unique hurdle of understanding how emerging technology trends designed to support businesses in this new era of work could also impact the cybersecurity posture of their entire industry. As retailers across the globe look to harness the latest data-driven technologies to improve sales, the attack surface for cybercriminals is expanding rapidly. This has left many playing catch up, creating an immediate and urgent need for enhanced security solutions.

Since the onset of the pandemic, we have seen a 3x increase in use of corporate assets for personal activities, including the use of social media, shopping for goods and services, trading stocks, and more. Moreover, our data shows that 3-8% of a retail organization’s employee base performs personal shopping activities on a corporate asset within a single month.

The same tactics retailers are using to reach consumers also pose a risk to their own organizations—and hackers know it. The stakes are even higher for retail organizations that need to protect corporate data and sensitive customer information like credit card numbers and bank information.

From an insider risk perspective within the retail industry, we’ve seen an increase in employees using their access privileges to search for, copy, and steal discount codes and coupons. There is also increased evidence that they are looking for employee discount codes in addition to other deals they may find online.  

On top of this, growing uncertainty and fear surrounding potential layoffs can be a powerful driver of insider threats. This is especially true for retailers who already grapple with high employee turnover rates, short-term seasonal employees, and managing the access of third-party payment services. As we embrace this new era of work-from-anywhere, it’s critical that retailers take a proactive, human-centric approach to managing internal and external risks in this evolving landscape.

Interested in learning more? Get in touch with our team to see how DTEX InTERCEPT helps to mitigate retail security risks by demystifying the context and intent of human behaviors without violating the trust and privacy of employees.