STORES Magazine - May/June 2017 - LP53
Things raise new challenges
for businesses concerned with
"Once businesses are ready
to push out new products and
services, it is hard to slow down
to evaluate whether there may
be any security concerns,"
Peretti says. "However, the
concept of building security as
you go - or 'security by design'
- is gaining traction, although
we still have a way to go."
Another consideration in
evaluating the security of a
network, systems and data is
understanding the degree to
which the business depends on
others to host its sensitive data
or critical system. Third party
security risk management is a cornerstone issue to build into
any cybersecurity program.
In some cases, hacking incidents might not particularly harm
the victimized entity but could still cause serious disruption for
others. Using IoT as an example, Peretti notes that a toaster in
someone's home might be hacked and become part of a botnet
used to take down servers at a business.
"The consumer might not care, or even know that the toaster
was hacked," Peretti says. "How do you shift the consequences
to the sources of the hacking rather than the end victims?"
Even as new technologies are developed, they are covered
by a patchwork of out-of-date laws and regulations. Most
states have breach notification statutes, some quite different
from others, making it challenging for multi-state businesses
like retail chains. NRF has asked Congress to pass a uniform
national data breach law that would supersede state laws. NRF
says such a law needs to apply to all entities that handle data,
not just retailers.
"While there is nothing definite on the horizon, federal
breach notification legislation has been a topic of discussion
in Congress for years on both sides of the aisle, given the
proliferation of varied state laws and regulation in the area,"
"Along those lines, one of the obstacles facing any such
legislation is the issue of state law preemption. It would be
difficult to put a number on the probability of a federal statute
actually passing in such a complicated statutory environment,
but federal data breach notification laws are likely to get at
least some congressional attention."
RIGHT ON THE
Secures your cash. And your future.
Ascent Validating, Note Deposit, Coin and Note Dispensing
safe components let you build the ultimate expandable system
to secure, track, and account for your cash - dramatically
reducing loss, while ensuring employees handle cash less and
customers more. See how Ascent can take you to the top now,
and even farther as you grow in the future. Call 800-452-4655
x. 3001 today, or visit www.fireking.com.
Call (800) 342-3033 ext. 3001 today, or
David P. Schulz has been writing for STORES since 1982 and is the author of
several non-fiction books.
STORES May/June 2017