Cyber Security
The retail industry is the top target of cyber criminals, lured by the large number of customer records it holds and by a well-established underground marketplace for this stolen information; 96% of the data targeted is payment card data, personally identifiable information (PII) and email addresses [Source: Trustwave's 2013 Global Security Report].
[Source: Fortalice, Cyber Security Experts]
Now What?
Since many breaches could have been avoided through reasonable security controls, members are encouraged to follow the recommended steps below:
Identify your top one, two or three most critical types of information and the systems which use them
Plan how you will operate if that information is lost, corrupted or the systems rendered inoperable
Train and communicate strategy to all company employees
Have a third party assess your information environment at least once a year and conduct penetration tests of both your logical and physical controls as part of the assessment
Other good practices include:
Develop and routinely review security policies and procedures that impact your critical information environment
Facilitate an internal simulation of a data breach or cyber disaster
Perform regular audits of your security policies and procedures. Address security practices holistically, not just as "physical" or just as "computer"
Monitor your information for intrusion, corruption and loss
Identify recovery assets in case of a cyber breach
Develop relationships with industry experts, a crisis PR firm and legal counsel with cyber experience
General Resources:
2013 Global Security Report - a valuable resource for businesses, free download from Trustwave
Common Sense Guide to Mitigating Insider Threats - This guide describes 19 practices that organizations should implement across the enterprise to prevent and detect insider threats, as well as case studies of organizations that failed to do so.
2013 Data Breach Investigations Report - This year's DBIR combines the expertise of 19 organizations from around the globe. Download the report to discover stats that might surprise you, from the percentage of espionage-related attacks to the astonishing length of time it often takes to spot a security breach. By knowing today's threats, you can better protect your organization tomorrow.
Guide to better Passwords - It is important to remember why passwords are important: passwords are often the first (and possibly only) defense against intrusion.
2013 Security Predictions - predictions to help prepare your network defenses for a safe and secure 2013
Security Breach Notification Chart - Perkins Coie's Privacy & Security practice maintains a comprehensive chart that summarizes state laws regarding security breach notification. The chart is for informational purposes only and is intended as an aid in understanding each state's sometimes unique security breach notification requirements. Lawyers, compliance professionals, and business owners have told us that the chart has been helpful when preparing for and responding to data breaches.
Federal Resources:
US-CERT - Check out these Tips that describe and offer advice about common security issues for non-technical computer users.
US-CERT Posters and Brochures - provide guidance on physical and cyber security and how to report suspicious behavior, activity, and cyber incidents.
US-CERT mailing lists and feeds - for a variety of products including the National Cyber Awareness System and Current Activity updates. The National Cyber Awareness System was created to ensure that you have access to timely information about security topics and threats.
Cyber Security Evaluation Tool - tools to assess a company's control system and information technology network security practices against recognized industry standards.
NIST Glossary of Key Information Security Terms - This glossary provides a central resource of terms and definitions most commonly used in NIST information security publications and in CNSS information assurance publications.