2018 Emerging Trends in Cyber Risk for Retail

(This article originally appeared in Loss Prevention Magazine)

LP Magazine‘s columnist Tom Meehan, CFI, shares his top five predictions for cyber risks retailers can expect in 2018:

1. Ransomware attacks will increase in 2018 and will become more sophisticated. Ransomware has been more prevalent in the past two years. In the first quarter of 2017 alone, these attacks have gone up by more than 250 percent. Ransomware is a type of malicious software designed to block access to computer files by encryption. A hacker will demand a sum of money to be paid to get your files back.

2. Attacks in both digital and physical worlds will become more serious. In the United States, we are increasingly likely to experience our first large-scale attack on critical infrastructure, designed to disrupt government and private sector. In 2017, there were several large-scale airport, airline and utility company outages that were made possible by errors and outdated systems. In 2018, we can expect more of this.

3. Governments will continue to be prime targets for cyber attacks. The attacks will be organized by a variety of players, including rival governments and private actors. Cyber warfare will be a more recognized and used term. Cyber warfare involves the use and targeting of computers and networks in warfare. It can include both offensive and defensive operations for the purposes of espionage and sabotage.

4. Automation and artificial intelligence (AI) will improve threat detection. AI is already being widely adopted in searching for and analyzing of potential threats. Use cases will include endpoint, firewall, network traffic and exception reporting. However, keep in mind the bad actors are working with AI as well.

5. Attacks on the Internet of Things (IoT) devices will reach a new high in 2018. IoT devices can already be found everywhere and are becoming even more popular. Hundreds of millions of connected devices have little or no defense against hackers, making them easy targets. In a retail setting, IP cameras are one of the many such devices that can be vulnerable to hacks. IoT device makers are slowly making progress in securing their products. That won’t help the millions of devices already deployed that are not secure and are difficult to patch.

Our risk in retail is continually evolving. The rapid change in retail is making it increasingly difficult for us to mitigate risk. We must remain vigilant and take a balanced approach that focuses on prevention and how we respond to a cyber event.