Tripwire Survey: Retailers Ramp Up Security Measures for 2020 Holiday Season

Posted on December 15, 2020

Majority of retail security professionals took additional IT security precautions this year, prepped earlier than usual

PORTLAND, Ore. – December 15, 2020 – Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced the results of a new research report that assessed retail cybersecurity programs in 2020. Conducted for Tripwire by Dimensional Research last month, the survey evaluated the opinions of 203 security professionals working in the retail industry.

According to the survey, 78% of retail businesses have taken additional IT security precautions for the 2020 holiday shopping season, compared with prior years. Of those, 87% said they took additional precautions explicitly because of the potential rise in online retail fraud as more consumers turn to e-commerce due to COVID-19.

“The retail industry has certainly had to adapt to the challenges of 2020, particularly as COVID-19 has either prevented or discouraged consumers from in-store shopping,” said Tim Erlin, vice president of product management and strategy at Tripwire. “Because of this, retail organizations have had to make changes this holiday season — they started earlier and expected increased volume, along with increased risk to both consumers and retailers.”

This year, 63% of retail organizations said their IT security teams started preparing for holiday shopping earlier than usual, and 57% said the current surge in online shopping has made security especially difficult.

The survey also examined the current state of best practices as mandated by major security frameworks and regulations:

  • Over half (61%) said their ability to detect and respond to a security breach is better now than a year ago.
  • About one-third (32%) characterized their organization’s capabilities for protecting customer data as “excellent” — a significant increase from only 19% who said the same in 2017.
  • More organizations are discovering IT assets automatically (97%), compared to 85% in 2017.
  • Configuration changes are identified more quickly, with 64% detecting them in minutes or hours, compared to 55% in 2017.
  • Most organizations are addressing vulnerabilities within 15 days of detection (45%), or between 15 to 30 days (35%).

Erlin added, “While we may see increased cybersecurity risk this holiday season, the basic security controls required to protect retailers haven’t dramatically changed. Understanding what assets you have, ensuring that they’re configured securely, and finding and fixing security issues are all important steps in running a secure business.”

For more detailed findings, please visit our most recent Holiday Cybersecurity Survey Report.

Recent News
Security Professionals Think Federal Government Should Play a Bigger Role in Securing Private Sector
August 15, 2022

95% request additional action to ensure the security of data and systems of non-governmental organizations

Tripwire Eases Government Resource Constraints with New FedRAMP Certified Managed Services Solution
August 15, 2022

Tripwire ExpertOps Federal reduces both the workload and complexity of managing an agency’s critical security controls.

tripwire-survey-professionals-feel-overworked-in-2020
August 15, 2022

Organizations struggle to find skilled staff, leaving 82% of security teams understaffed

IP360 Vulnerability Management Solution Awarded 5Star Review from SC Media
August 15, 2022

SC Lab testers give Tripwire IP360 top rating, highlighting sophisticated reporting and risk prioritization.

Multi Cloud Environments Pose Greater Security Challenges
August 15, 2022

PORTLAND, Ore.