Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Most Retailers Haven't Fully Tested Their Breach Response Plans
More than 20% lack a breach response plan altogether, a new survey shows.
1 Min Read
Nearly 75% of IT security professionals from the retail industry say their companies do not have a fully tested plan to address a security breach, according to a Tripwire report today.
Some 28% of survey respondents do have a fully tested breach plan, while 21% lack a plan altogether, the report notes.
Additionally, 21% of survey respondents say they don't have the means to notify customers of a data breach within 72 hours of its occurrence. That runs counter to the requirements of the General Data Protection Regulation (GDPR), which in May begins the financial penalty phase for noncompliance. GDPR fines can reach as high as 4% of a company's revenues.
Only 23% of survey respondents feel fully prepared to incur financial penalties, the survey says. "Considering the amount of high-profile data breaches that have occurred recently, plus the continued discussion around GDPR, it is surprising and concerning that many retailers do not have a tested plan in the event of a security breach," says Tim Erlin, vice president of product management and strategy at Tripwire, in a statement.
Read more about the survey here.
About the Author
You May Also Like
More Insights
Webinars
Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024The Unreasonable Effectiveness of Inside Out Attack Surface Management
Dec 4, 2024
