Canadian Retailer - Fall 2016 - 41

LOSS PREVENTION

quired. Everybody wants to share everything,
but after a certain point, you're not safeguarding the company's intellectual property."
Another ally in the fight against cybercriminals are "White-Hat Hackers"-computer security experts who perform non-destructive
"penetration checks" on a company's systems
to test their vulnerabilities (some are on payroll, while others bring system information to
Phishing: Thieves send an email with an ordinary-looking atbusinesses in exchange for payment-ironictachment, labelled as a spreadsheet, .pdf, or something equally
innocuous. When clicked, the attachment actually installs malally increasing the number of breach attempts
ware designed to steal your credentials (username, password,
each year). And while antivirus software, fireaddress book, etc). With access to the company email server
walls, and IT professionals are a crucial part of
and database, thieves can steal information or initiate fraudukeeping any business secure, some solutions
lent wire transfers.
According to the VDIR, in a series of more than 8 million
are surprisingly low-tech, up to and including
sanctioned phishing tests in 2015, 30 per cent of phishing
an awareness of social media presence.
emails were opened by targets, 12 per cent clicked the attach"I can learn almost everything I want to
ment, and only 3 per cent reported it to management.
know about a company on LinkedIn," WisniewInformation Theft: Criminals gain access to customer, employski chuckles. "Criminals can look on LinkedIn,
ee, or associate information-either through hacking, phishing
and they'll see, 'Oh, ok. The Director of IT's
emails, or phony PINpads using bluetooth and keystroke-recname is Jim. If I just start calling employees,
ognition technology-and use it for financial gain. This can take
the form of cloning debit and credit cards, or selling informaand saying I'm Jim from IT, and I need them to
tion directly-usually on the Deep Web.
reset their password for me, I'm going to trick
somebody within the first five calls."
"Canadian retailers are ahead of the times.
When it comes to Canada's place in the
global Data Security landscape, Wisniewski
Especially when it comes to credit information
and O'Keefe are of different opinions.
protection. Some of the safeguards on credit
"Many businesses in Canada aren't doing
cards-embracing chip and PIN technology way
nearly enough to protect their customer information," Wisniewski says flatly. "We have
ahead of the States, for example."
no Data Breach Notification laws in Canada.
- STEPHEN O'KEEFE, Gristmill Solutions
PIPEDA has some provisions, and there's one
about it. And they'll say 'Oh yeah, I thought other law, but there's no national or provincial laws. So most
that seemed kind of weird'. And we're going businesses don't do anything."
'Why didn't you tell me two weeks ago?' And
O'Keefe, for his part, is a little more upbeat-particularly
it's mostly because of the shame of it. And when it comes to retailers.
for years, us IT people, we've been shaming
"In a lot of ways, Canadian retailers are ahead of the times," he
people, saying 'How stupid are you?' and we says. "Especially when it comes to credit information protection.
need to change that attitude. I'd rather investi- Some of the safeguards on credit cards-embracing chip and
gate ten false reports and find one real one."
PIN technology way ahead of the States, for example. They're
In some cases, it's a matter of increased just going through that now. As far as personal information, the
cooperation between departments (Wisniew- different privacy acts are pretty much where they should be."
ski advocates two methods of authenticaHowever, both men agree that when it comes to combatting
tion for any wire transfers), and in others, as digital criminals, there's plenty of work still to be done.
O'Keefe points out, it's a matter of restrict"I speak in front of probably 100,000 people a year," Wisniewski
ing employee access-not only to prevent the adds, "and anecdotally, I'd say that half of businesses are having
theft of trade secrets, but to limit the damage some kind of computer security incident every year. Most of them
a criminal can do once inside the system.
aren't that big a deal, but even the small ones have a tendency
"You need to control access," he says. "People to cost between $5000-10,000. And those aren't even specifically
need enough information to do their job, and data thefts. That's where the information starts getting fuzzy."
enough to motivate them to become an enHe chuckles quietly, in spite of himself.
gaged player in the company, but not enough
"We like to joke that any organization who says they haven't
that you have more information than is re- had an incident just doesn't know it yet."
COMMON ATTACKS:

Ransomware: Hackers gain access to a company server and
encrypt all information-customer payment profiles and
company data-and hand over decryption keys only after a
ransom is paid (a fee which increases each day). While originally targeting individuals, businesses are increasingly being
affected; according to a study conducted by MalwareBytes,
close to 40 per cent of surveyed businesses had experienced
a Ransomware attack at some point in the past.

www.retailcouncil.org/cdnretailer

FALL 2016 | CANADIAN RETAILER

| 41


http://www.retailcouncil.org/cdnretailer

Table of Contents for the Digital Edition of Canadian Retailer - Fall 2016

Publisher’s Desk
Retail Currents
Retail Research
Independents’ Corner
Retail: At Issue
The Future of Retail
Technology for the Good
E-Commerce Next Practices
The State of Mobile Payments
Aldo Launches ‘Store of the Future’ at Westfield World Trade Center
The Hottest Summer in Half a Century
Once More Unto the Breach
Advertiser’s Index
Canadian Retailer - Fall 2016 - bellyband1
Canadian Retailer - Fall 2016 - bellyband2
Canadian Retailer - Fall 2016 - cover1
Canadian Retailer - Fall 2016 - cover2
Canadian Retailer - Fall 2016 - insert1
Canadian Retailer - Fall 2016 - insert2
Canadian Retailer - Fall 2016 - 3
Canadian Retailer - Fall 2016 - Publisher’s Desk
Canadian Retailer - Fall 2016 - 5
Canadian Retailer - Fall 2016 - Retail Currents
Canadian Retailer - Fall 2016 - 7
Canadian Retailer - Fall 2016 - insert3
Canadian Retailer - Fall 2016 - insert4
Canadian Retailer - Fall 2016 - Retail Research
Canadian Retailer - Fall 2016 - Independents’ Corner
Canadian Retailer - Fall 2016 - Retail: At Issue
Canadian Retailer - Fall 2016 - 11
Canadian Retailer - Fall 2016 - insert5
Canadian Retailer - Fall 2016 - insert6
Canadian Retailer - Fall 2016 - The Future of Retail
Canadian Retailer - Fall 2016 - 13
Canadian Retailer - Fall 2016 - 14
Canadian Retailer - Fall 2016 - 15
Canadian Retailer - Fall 2016 - 16
Canadian Retailer - Fall 2016 - 17
Canadian Retailer - Fall 2016 - 18
Canadian Retailer - Fall 2016 - 19
Canadian Retailer - Fall 2016 - Technology for the Good
Canadian Retailer - Fall 2016 - 21
Canadian Retailer - Fall 2016 - 22
Canadian Retailer - Fall 2016 - 23
Canadian Retailer - Fall 2016 - E-Commerce Next Practices
Canadian Retailer - Fall 2016 - 25
Canadian Retailer - Fall 2016 - 26
Canadian Retailer - Fall 2016 - 27
Canadian Retailer - Fall 2016 - The State of Mobile Payments
Canadian Retailer - Fall 2016 - 29
Canadian Retailer - Fall 2016 - 30
Canadian Retailer - Fall 2016 - 31
Canadian Retailer - Fall 2016 - Aldo Launches ‘Store of the Future’ at Westfield World Trade Center
Canadian Retailer - Fall 2016 - 33
Canadian Retailer - Fall 2016 - The Hottest Summer in Half a Century
Canadian Retailer - Fall 2016 - 35
Canadian Retailer - Fall 2016 - 36
Canadian Retailer - Fall 2016 - 37
Canadian Retailer - Fall 2016 - Once More Unto the Breach
Canadian Retailer - Fall 2016 - 39
Canadian Retailer - Fall 2016 - 40
Canadian Retailer - Fall 2016 - 41
Canadian Retailer - Fall 2016 - Advertiser’s Index
Canadian Retailer - Fall 2016 - cover3
Canadian Retailer - Fall 2016 - cover4
http://www.nxtbook.com/naylor/RETS/RETS0617
http://www.nxtbook.com/naylor/RETS/RETS0517
http://www.nxtbook.com/naylor/RETS/RETS0417
http://www.nxtbook.com/naylor/RETS/RETS0317
http://www.nxtbook.com/naylor/RETS/RETS0217
http://www.nxtbook.com/naylor/RETS/RETS0117
http://www.nxtbook.com/naylor/RETS/RETS0616
http://www.nxtbook.com/naylor/RETS/RETS0516
http://www.nxtbook.com/naylor/RETS/RETS0416
http://www.nxtbook.com/naylor/RETS/RETS0316
http://www.nxtbook.com/naylor/RETS/RETS0216
http://www.nxtbook.com/naylor/RETS/RETS0116
http://www.nxtbook.com/naylor/RETS/RETS0615
http://www.nxtbook.com/naylor/RETS/RETS0515
http://www.nxtbook.com/naylor/RETS/RETS0415
http://www.nxtbook.com/naylor/RETS/RETS0315
http://www.nxtbook.com/naylor/RETS/RETS0215
http://www.nxtbook.com/naylor/RETS/RETS0115
http://www.nxtbook.com/naylor/RETS/RETS0614
http://www.nxtbook.com/naylor/RETS/RETS0514
http://www.nxtbook.com/naylor/RETS/RETS0414
http://www.nxtbook.com/naylor/RETS/RETS0314
http://www.nxtbook.com/naylor/RETS/RETS0214
http://www.nxtbook.com/naylor/RETS/RETS0114
http://www.nxtbook.com/naylor/RETS/RETS0613
http://www.nxtbook.com/naylor/RETS/RETS0513
http://www.nxtbook.com/naylor/RETS/RETS0413
http://www.nxtbook.com/naylor/RETS/RETS0313
http://www.nxtbook.com/naylor/RETS/GrandPrix2012
http://www.nxtbook.com/naylor/RETS/RETS0213
http://www.nxtbook.com/naylor/RETS/RETS0113
http://www.nxtbook.com/nxtbooks/naylor/RETS0612
http://www.nxtbook.com/nxtbooks/naylor/RETS0512
http://www.nxtbook.com/nxtbooks/naylor/RETS0412
http://www.nxtbook.com/nxtbooks/naylor/RETS0312
http://www.nxtbook.com/nxtbooks/naylor/RETS0212
http://www.nxtbook.com/nxtbooks/naylor/RETS0112
http://www.nxtbook.com/nxtbooks/naylor/RETS0611
http://www.nxtbook.com/nxtbooks/naylor/RETS0511
http://www.nxtbook.com/nxtbooks/naylor/RETS0411
http://www.nxtbook.com/nxtbooks/naylor/RETS0311
http://www.nxtbook.com/nxtbooks/naylor/RETS0211
http://www.nxtbook.com/nxtbooks/naylor/RETS0111
http://www.nxtbook.com/nxtbooks/naylor/RETS0610
http://www.nxtbook.com/nxtbooks/naylor/RETS0510
http://www.nxtbook.com/nxtbooks/naylor/RETS0410
http://www.nxtbook.com/nxtbooks/naylor/RETS0310
http://www.nxtbook.com/nxtbooks/naylor/RETS0210
http://www.nxtbook.com/nxtbooks/naylor/RETS0110
http://www.nxtbook.com/nxtbooks/naylor/RETS0309
http://www.nxtbook.com/nxtbooks/naylor/RETS0209
http://www.nxtbookMEDIA.com