In Part 1 we discussed how a blame game ensued following a string of recent retail breaches. Customers largely pointed a finger at the companies themselves, but retailers have a different outlook.
Focusing on better customer preparedness
Though patrons largely blame retailers for a breach, it has been pointed out that there are measures customers can also take to better secure their data. In the wake of the Target breach, a second letter sent by CEO Steinhafel was seen as implicitly blaming the customer more than the store itself for the extent of the attack. His ostensible admission that "I am truly sorry that this incident occurred" was seen by some as evading taking responsibility, and instead hinting that the incident happened because of the customer, not the store.
The store's subsequent move – to warn customers about guarding their identity and offer free credit protection – was also seen by some as customer-blaming, since it seemed to imply that, had the customer done these things in the first place, they could have prevented what happened to them.
Moving past blame and installing endpoint protection software across the board
Ultimately, finger-pointing will not lead to a productive outcome. Regardless of where the fault lies, attacks will continue to happen. In 2013 more malware strains emerged than ever before. The number of new malware infections in that year alone represents 20 percent of all malware ever created, according to TechRadar.
The strength of malware is such that malicious code developed in a country like Russia can be easily uploaded onto hacker forums, bought by fellow cybercriminals, and put to use against American retail stores. The worldwide nature of malware operations necessitates a global response. Fortunately one exists: better endpoint security and control.
And the truth is that both groups – retailers and customers – must ensure that they have the most rigorous data leak prevention infrastructure in place to protect their data. Data is best guarded on all sides.
This is a fact that cybersecurity expert Peter Singer discussed in an interview with Military Times. Singer – a researcher who focuses his work on the ever-changing IT landscape – said that cybersecurity is something that must be considered by all parties.
"This isn't just a Cyber Command issue or an IT department issue. It is everyone's responsibility to know, and everyone's responsibility to understand it," he said.