Retail

Companies in this sector have been targeted frequently for customer and credit card data. For example, in 2013, the customer credit card data of 110m customers was stolen from Target through a malware attack. The cost of this breach is currently estimated at over $148m. The loss of such data or the unavailability of critical IT services carries high reputational risk not to mention potential loss of sales or even compliance fines. This is evident in high profile data breaches within the sector – which in several cases was through a third party. Dealing with many external touch points, both physically in terms of number of stores and technically in terms of ecommerce, telesales, stores and corporate environments, makes the assessment of information security risks a challenge and further complicates achieving compliance to the Payment Card Industry Data Security Standard (PCI-DSS).

7Safe is well placed to help clients manage the cyber security of their IT systems through our portfolio of infrastructure, application, database and web penetration testing offerings. We are also experts at helping our clients achieving compliance with PCI-DSS.

As part of PA Consulting Group, we are also able to combine our technical cyber security expertise with deep industry knowledge and skills in management consulting, technology and innovation. To find out more about PA's broad experience in cyber security, click here.

Related Insight

  • Emojis for passwords

    Emojis for passwords

    During the last month, there has been much talk about how successful a system where the password is entirely replaced by emojis might be. The idea of replacing passwords with images or icons is not a new one, but came up again when the company “Intelligent Environments”, a financial software development company, introduced a passcode authentication system using emojis.
    Read more
  • mobile security

    Mobile attacks: Should you be worried?

    Read more
  • information_security

    Why you should care about an old hashing algorithm

    It has been some years now since the US National Institute for Standards and Technology announced that the SHA-1 encryption algorithm should no longer be regarded as secure and required US federal agencies to move away from its use, so why does this now matter to senior business officers?
    Read more

Related Case Studies

  • shutterstock_163229387

    Ensuring best-possible security for business-critical applications

    A cyber attack on business-critical applications can disable a business and undermine its reputation, so ...
  • 1833

    Closing gaps in security to keep customers’ payment card data safe

    All retailers, whether they are taking payment online or offline, must keep their customers’ payment ...
  • Depositphotos_14767997_s

    Protecting brand reputation in the e-commerce space

    Our client, a leading jewellery retailer selling famous brands online, was keen to ensure that ...