Study: Retailers gaining cybersecurity confidence

More retailers are suffering data breaches, but the industry is also feeling an increased level of capability to deal with them.



According to a new study of more than 200 IT professionals from security technology provider Tripwire Inc., 33% of retailers say they have experienced a breach where intruders stole or gained access to personally identifiable information, This is more than double the 14% who had experienced this type of breach in 2014.



However, with greater experience has come a greater resolve. Seventy-five percent of respondents said their organization would detect a data breach on critical systems within 48 hours, up significantly from 42% who said so in 2014.



The percentage who said they would detect a critical breach in 72 hours fell to 8% from 18% in 2014. And only 5% of respondents said they are not confident they can detect critical breaches quickly, compared to 20% two years earlier.



A vast 87% majority of respondents said their breach detection systems are either well-integrated (39%) or partially integrated (48%). In 2014, only 75% said these systems were well-integrated (33%) or partially integrated (42%).And the percentage citing a lack of integration fell to 2% from 8% two years earlier.



Looking at how often respondents currently conduct configuration checks, not surprisingly retailers with more than $100 million in annual revenue show more frequency than those with less than this annual revenue figure. Thirty-nine percent of both groups perform these checks every 24 to 72 hours.



However, larger retailers are much more likely to conduct configuration checks weekly (26%) than smaller retailers (16%). Conversely, smaller retailers are more likely to conduct these checks monthly (19% compared to 11%), quarterly (24% compared to 9%) and yearly (8% compared to 3%). Interestingly, virtually the same amount of smaller retailers (8%) and larger retailers (7%) conduct configuration checks less than once a year.