sb-nz logo
Story image

Retailers failing customers when it comes to data security

Retailers are failing to adequately secure customer’s data, especially when it comes to application development processes, new research from Claranet indicates.

According to Claranet, many retailers have adopted or plan to adopt a DevOps approach. In fact, 40% of retailers said they have already adopted a DevOps approach and 44% expect to this year.

However, less than half (42%) are confident when it comes to integrating security into this process, or DevSecOps. This is largely due to the fact the retailers feel they lack in-house capabilities to deliver DevSecOps, and only 48% know how to integrate IT security into their processes.

According to Claranet, not integrating security into DevOps approaches signifies significant security risks and can lead to data protection risks.

Claranet head of retail John Hayes-Warren says, “Embracing DevOps is clearly a priority for retailers as they look to improve their applications and deliver better, more seamless experiences for their customers. However, the lack of DevSecOps integration shows security is still regarded as separate from the development lifecycle, rather than factored in from the start."

"DevOps is a constantly evolving process that embraces innovation, and tends to outpace security and compliance, making it increasingly difficult to embed and automate the latest best practices into each stage of the development lifecycle. This is supported by the fact that over half of retailers do not feel confident they can deliver DevSecOps, opening the door to leaks of customer data, fraud, and cyberattacks," he says.

Hayes-Warren encourages retailers to develop an in-house development programmes that includes regular security training courses.

These should include continuous monitoring and analytics throughout the DevOps lifecycle, whether in planning, coding, pre-production, or even decommissioning, he says.

"DevSecOps is a complex process that is continually changing to respond to new security threats. It is vital that retailers provide their development teams with suitable training programmes if they hope to build highly secure applications and this will help to ensure all customer data is fully protected across each end-point,” says Hayes-Warren.

Story image
BayCom partners with NICE inContact to offer cloud contact centre platform in NZ
“With our extensive experience in the industry, BayCom has the ability to design, implement and support CXone nationwide, providing organisations with an industry-leading Contact Centre as a Service (CCaaS) solution to deliver on their customer experience strategies.”  More
Story image
Experiencing ransomware significantly impacts cybersecurity approach
"The survey findings illustrate clearly the impact of these near-impossible demands. Among other things, those hit by ransomware were found to have severely undermined confidence in their own cyber threat awareness."More
Story image
SOC, SIEM, SOAR and SASE define Fortinet’s Security Fabric
Cornelius Mare, Fortinet A/NZ Director, Security Solutions, deciphers the jargon and explains how an alphabet soup of integrated security services spells comprehensive protection for your network and ensures business continuity.More
Download image
Enterprise leaders discuss what makes up networking infrastructure
NFV is fast becoming the go-to method of simplifying corporate networks from planning, through deployment and management.More
Story image
Gartner reveals the top strategic tech trends for 2021
“CIOs are striving to adapt to changing conditions to compose the future business - this requires the organisational plasticity to form and reform dynamically. Gartner’s top strategic technology trends for 2021 enable that plasticity.”More
Story image
COVID-related email subjects biggest threat in phishing scams
Coronavirus-related email subjects remain the biggest threat in phishing scams, a new study has found.More