STORES Magazine - May 2011 - (Page 96)

LOSS PREVENTION / WEBSITE SECURITY 51 percent of retail websites were found to be “always vulnerable” and another 18 percent were “frequently vulnerable” to issues like information leakage and cross-site scripting. Threat Containment Securing vulnerable websites requires constant vigilance BY CRAIG GUILLOT I n today’s world, just about everything starts online. More and more customers research products, prices and stores before leaving their home, so web security is paramount for a retailer. While companies work hard to ensure a top level of security, research shows that as many as eight in 10 websites have security vulnerabilities at any given point in time. Unfortunately, retail websites are some of the most vulnerable on the web, according to a new report by WhiteHat Security. Many are open to attack, with results ranging from loss of data and malware infection to loss of consumer confidence. A top provider of website risk management solutions, WhiteHat Security serves many Fortune 1000 retailers using a four-phase Website Risk Management approach that includes asset identification, vulnerability management, reporting and protection. White Hat recently released its 11th annual Website Security Statistics Report, reviewing vulnerabilities in more than 3,000 websites across 400 organi96 STORES / MAY 2011 zations. It found that the average website has serious vulnerabilities more than nine months of the year. Information leakage (when a website reveals sensitive data like the details of the web application) was found to be the most common vulnerability, followed by cross-site scripting, which allows malicious attackers to inject script into pages viewed by other users. Jeremiah Grossman, founder and chief technology officer of WhiteHat, says that most websites will contain some faulty code; what is important is how long it takes to identify that threat and fix it. “Websites are complex things and they tend to have a lot of bugs,” Grossman says. “Over a [one-] year period, eight out of 10 will have a serious issue.” The report found that heavily regulated industries like banking and healthcare tended to have the lowest vulnerabilities. In contrast, 51 percent of retail websites were found to be “always vulnerable” and another 18 percent were “frequently vulnerable.” Only 11 percent of the sampled retail websites were found to be “rarely vulnerable.” WWW.STORES.ORG http://WWW.STORES.ORG

Table of Contents for the Digital Edition of STORES Magazine - May 2011

STORES Magazine - May 2011
Editor’s Page
President’s Page
Retail People
Supply Chain
Getting Closer to Customers
Workforce Management
Customer Satisfaction
Customer Rewards
Human Resources
2011 Software Sourcebook Guide
Website Security
Divisional Update
NRF News
Point of View
Retail Industry Calendar
End Cap

STORES Magazine - May 2011