Forrester: How to keep your enterprise secure during Cyber Monday

Forrester analysts recommend steps to maintain e-commerce and supply chain security during surging Cyber Monday digital activity.

Chain Store Age has consulted with several leading Forrester analysts about different risks retailers face for Cyber Monday, which falls this year Monday, Nov. 29. The Monday after Thanksgiving is traditionally the biggest online shopping day of the year, with Adobe Analytics data indicating Cyber Monday 2020 stands as the largest online shopping day in U.S. history, approaching $11 billion in digital sales. And analysis from ACI Worldwide predicts that Cyber Monday digital sales in 2021 will rise 21% year-over-year.

Following is specific advice from Forrester about how retailers can mitigate Cyber Monday security threats posed by phishing attacks, automated shopping bots, and supply chain risks:

Phishing attacks
“Retail requires 100% uptime, especially on the weekend leading up to Cyber Monday, and of course, Cyber Monday itself,” said Forrester analyst Allie Mellen. “If retailers are compromised during this time, especially with a ransomware attack, they may be more inclined to make a quick decision like paying a ransom to get back online as fast as possible. It’s important they look out for an uptick in attacks the weekend before and, of course, the day of. 

“We may see an uptick in phishing attacks as an entry point into the enterprise, particularly ones where attackers claim to be customers struggling to make purchases online,” continued Mellen. “In what is sure to be a busy day of requests from customers, attackers may be looking to sneak through with requests by masquerading as frustrated customers and using that entryway to deploy malware.” 

Blocking bots
“Bots love e-commerce sites with scarce products like moths love flames,” said Forrester principal analyst Sandy Carielli. “Chip shortages and supply chain hiccups open opportunities for attackers who were already leveraging bots to hoard and resell popular items like sneakers and gaming consoles. As more of the season’s popular gifts become difficult to find, expect bot operators to step up their activities and target a wider range of inventory. Retailers that don’t block the bots lose out and those frustrated customers who didn’t get their desired item go elsewhere and might not come back - ever.” 

Proactive supply chain management
“Leading up to and during the holiday shopping season, retailer organizations can proactively manage their supply chain risks by taking the following steps,” said Forrester senior analyst Alla Valente. “Identify and monitoring changes in global risk factors that impact tier one and sub-tier suppliers, then create just-in-case contingencies to maintain your resilience. 

“Retailers should also promote and incentivize early shopping on inventory that’s currently available,” Valente said. “When stock-outs occur, be transparent and timely in communicating the issues and how long it may take to resolve them. It may be wise to push scarce inventory to local stores and to limit the number of units that each shopper can buy to reduce the risk of hoarding. If you offer secondhand/refurbished goods in your assortment, promote those to customers who may be looking for sustainable, and available, options.”