Canadian Retailer - Fall 2016 - 40

LOSS PREVENTION

"significant real-world data"). While
American companies in 47 states
are bound by mandatory reporting
provisions, Canada has no such
laws in place, and as O'Keefe and
Wisniewski explain, this means
breaches often go unreported.
"Every time I see someone report a number, I get really upset,"
Wisniewski says. "I'm going: 'That's
not true'. The truth is, people haven't
been reporting these things. I'd love
to be able to answer that question.
It would be incredibly useful data to
have. You see companies not reporting this information for a variety of
reasons, and because they're not
reporting, we can't learn from their
mistakes. What hit one organization then targets 100 others."
The reasons for keeping quiet
about such incidents can be numerous: reputation, worries about
plummeting stock price or customer backlash, fear of lawsuits.
However, attacks can also go unreported even within an organization-sometimes for weeks
at a time. Because, as Wisniewski and O'Keefe are quick to
point out, most attacks on businesses are made possible due
to human error.
"If you look at all of the breaches that have taken place in
the last few years, they have one thing in common," O'Keefe
explains. "The Human Element. The breaches have all been
as a result of a person in the organization who has failed to
meet all of the standards they have put in place. Somebody's
been let in through the back door, someone has given out their
password, or left their system unlocked. Somebody did something wrong, and hackers thrive on people being people."
"It's much easier to attack humans than computers," Wisniewski agrees. "Every day that goes by, our computers and devices
are getting more secure. You get an iPhone update once a month,
a Windows update once a month, a Chrome update three times
a month. Virtually all of the major breaches you've seen over
the last few years-Target, Sony, all these big names-all of them
pretty much started with a human opening the door."
And while large retailers are usually capable of weathering
the storm, smaller businesses often aren't so lucky.
"As a big retailer, you can probably survive. It might actually make you more secure," Wisniewski says. "You can change
policy, and bring in a crack security team. But if you're a small
business, you just go bankrupt. Pretty much every time. Any
small business I've seen that's had any breach I'd call significant, it's often a business-ending event."

40 |

CANADIAN RETAILER | FALL 2016

Fighting back

Luckily, there is no shortage of tools retailers can use to help better safeguard their business against cyberattacks. In Canada, PIPEDA
(the Personal Information Protection and Electronic Documents Act), was enacted in 2000 to
better protect consumer information. Chip and
PIN technology and mandatory PCI Compliance help keep payment information secure.
But, outside of a legal or regulatory framework,
there are plenty of things that IT and LP professionals can do to make companies-and their
employees-safer. With phishing attacks on the
rise, Wisniewski stresses that employee education is crucial; whether it's training, or even a
memo detailing common scams (he estimates
that as much as 50 per cent of successful breach
attempts start over email or the telephone).
And, he adds, for many in IT or LP, another key
to success lies in an adjustment of attitude.
"It's important to let staff know that they
won't be blamed when it happens," he explains.
"That way, they'll come to you. Most often
when you do the forensics after an incident, the
person who made the mistake kind of knew it
was wrong, but waited two weeks until somebody else noticed the same thing and asked



Table of Contents for the Digital Edition of Canadian Retailer - Fall 2016

Publisher’s Desk
Retail Currents
Retail Research
Independents’ Corner
Retail: At Issue
The Future of Retail
Technology for the Good
E-Commerce Next Practices
The State of Mobile Payments
Aldo Launches ‘Store of the Future’ at Westfield World Trade Center
The Hottest Summer in Half a Century
Once More Unto the Breach
Advertiser’s Index
Canadian Retailer - Fall 2016 - bellyband1
Canadian Retailer - Fall 2016 - bellyband2
Canadian Retailer - Fall 2016 - cover1
Canadian Retailer - Fall 2016 - cover2
Canadian Retailer - Fall 2016 - insert1
Canadian Retailer - Fall 2016 - insert2
Canadian Retailer - Fall 2016 - 3
Canadian Retailer - Fall 2016 - Publisher’s Desk
Canadian Retailer - Fall 2016 - 5
Canadian Retailer - Fall 2016 - Retail Currents
Canadian Retailer - Fall 2016 - 7
Canadian Retailer - Fall 2016 - insert3
Canadian Retailer - Fall 2016 - insert4
Canadian Retailer - Fall 2016 - Retail Research
Canadian Retailer - Fall 2016 - Independents’ Corner
Canadian Retailer - Fall 2016 - Retail: At Issue
Canadian Retailer - Fall 2016 - 11
Canadian Retailer - Fall 2016 - insert5
Canadian Retailer - Fall 2016 - insert6
Canadian Retailer - Fall 2016 - The Future of Retail
Canadian Retailer - Fall 2016 - 13
Canadian Retailer - Fall 2016 - 14
Canadian Retailer - Fall 2016 - 15
Canadian Retailer - Fall 2016 - 16
Canadian Retailer - Fall 2016 - 17
Canadian Retailer - Fall 2016 - 18
Canadian Retailer - Fall 2016 - 19
Canadian Retailer - Fall 2016 - Technology for the Good
Canadian Retailer - Fall 2016 - 21
Canadian Retailer - Fall 2016 - 22
Canadian Retailer - Fall 2016 - 23
Canadian Retailer - Fall 2016 - E-Commerce Next Practices
Canadian Retailer - Fall 2016 - 25
Canadian Retailer - Fall 2016 - 26
Canadian Retailer - Fall 2016 - 27
Canadian Retailer - Fall 2016 - The State of Mobile Payments
Canadian Retailer - Fall 2016 - 29
Canadian Retailer - Fall 2016 - 30
Canadian Retailer - Fall 2016 - 31
Canadian Retailer - Fall 2016 - Aldo Launches ‘Store of the Future’ at Westfield World Trade Center
Canadian Retailer - Fall 2016 - 33
Canadian Retailer - Fall 2016 - The Hottest Summer in Half a Century
Canadian Retailer - Fall 2016 - 35
Canadian Retailer - Fall 2016 - 36
Canadian Retailer - Fall 2016 - 37
Canadian Retailer - Fall 2016 - Once More Unto the Breach
Canadian Retailer - Fall 2016 - 39
Canadian Retailer - Fall 2016 - 40
Canadian Retailer - Fall 2016 - 41
Canadian Retailer - Fall 2016 - Advertiser’s Index
Canadian Retailer - Fall 2016 - cover3
Canadian Retailer - Fall 2016 - cover4
http://www.nxtbook.com/naylor/RETS/RETS0617
http://www.nxtbook.com/naylor/RETS/RETS0517
http://www.nxtbook.com/naylor/RETS/RETS0417
http://www.nxtbook.com/naylor/RETS/RETS0317
http://www.nxtbook.com/naylor/RETS/RETS0217
http://www.nxtbook.com/naylor/RETS/RETS0117
http://www.nxtbook.com/naylor/RETS/RETS0616
http://www.nxtbook.com/naylor/RETS/RETS0516
http://www.nxtbook.com/naylor/RETS/RETS0416
http://www.nxtbook.com/naylor/RETS/RETS0316
http://www.nxtbook.com/naylor/RETS/RETS0216
http://www.nxtbook.com/naylor/RETS/RETS0116
http://www.nxtbook.com/naylor/RETS/RETS0615
http://www.nxtbook.com/naylor/RETS/RETS0515
http://www.nxtbook.com/naylor/RETS/RETS0415
http://www.nxtbook.com/naylor/RETS/RETS0315
http://www.nxtbook.com/naylor/RETS/RETS0215
http://www.nxtbook.com/naylor/RETS/RETS0115
http://www.nxtbook.com/naylor/RETS/RETS0614
http://www.nxtbook.com/naylor/RETS/RETS0514
http://www.nxtbook.com/naylor/RETS/RETS0414
http://www.nxtbook.com/naylor/RETS/RETS0314
http://www.nxtbook.com/naylor/RETS/RETS0214
http://www.nxtbook.com/naylor/RETS/RETS0114
http://www.nxtbook.com/naylor/RETS/RETS0613
http://www.nxtbook.com/naylor/RETS/RETS0513
http://www.nxtbook.com/naylor/RETS/RETS0413
http://www.nxtbook.com/naylor/RETS/RETS0313
http://www.nxtbook.com/naylor/RETS/GrandPrix2012
http://www.nxtbook.com/naylor/RETS/RETS0213
http://www.nxtbook.com/naylor/RETS/RETS0113
http://www.nxtbook.com/nxtbooks/naylor/RETS0612
http://www.nxtbook.com/nxtbooks/naylor/RETS0512
http://www.nxtbook.com/nxtbooks/naylor/RETS0412
http://www.nxtbook.com/nxtbooks/naylor/RETS0312
http://www.nxtbook.com/nxtbooks/naylor/RETS0212
http://www.nxtbook.com/nxtbooks/naylor/RETS0112
http://www.nxtbook.com/nxtbooks/naylor/RETS0611
http://www.nxtbook.com/nxtbooks/naylor/RETS0511
http://www.nxtbook.com/nxtbooks/naylor/RETS0411
http://www.nxtbook.com/nxtbooks/naylor/RETS0311
http://www.nxtbook.com/nxtbooks/naylor/RETS0211
http://www.nxtbook.com/nxtbooks/naylor/RETS0111
http://www.nxtbook.com/nxtbooks/naylor/RETS0610
http://www.nxtbook.com/nxtbooks/naylor/RETS0510
http://www.nxtbook.com/nxtbooks/naylor/RETS0410
http://www.nxtbook.com/nxtbooks/naylor/RETS0310
http://www.nxtbook.com/nxtbooks/naylor/RETS0210
http://www.nxtbook.com/nxtbooks/naylor/RETS0110
http://www.nxtbook.com/nxtbooks/naylor/RETS0309
http://www.nxtbook.com/nxtbooks/naylor/RETS0209
http://www.nxtbookMEDIA.com