» INSIGHT
MANAGING SECURITY RISK THAT IMPACT DIGITAL BUSINESS Courtney Radke - Retail CISO at Fortinet writes that the onus is on the business to implement strategies that will enable secure transaction transactions from behind the scenes
S
ince the rise of the Internet, businesses have been forced to continually shift their strategies to effectively compete in the digital marketplace. From on-demand to subscription-based offerings, all digital business models center on the use of various technologies to improve operational efficiency and the customer experience, thereby enhancing their overall value. But while digital-first strategies are proving to be beneficial across all business sectors, it is ecommerce that stands out as one of the most widely used models available. This was especially true in 2020, as many shifted to online shopping as a result of the COVID-19 pandemic. In fact, it is predicted that global B2C ecommerce sales will reach $4.5 trillion by 2021.
Security Risks Impacting Digital Business
Digital business models such as ecommerce have become a critical component of the global economy, but they do not come without their own set of risks. As organizations rush to digitize, cybersecurity is of-
30
CXO DX / FEBRUARY 2021
ten left out of the equation for the sake of saving time and initial costs. However, when security is not weaved into the framework of a digital strategy, organizations may end up losing the resources that they had initially fought to save. This fact alone should be of concern for any digital business, especially those in the ecommerce space. A rise in online shopping has led to increased web traffic, something cybercriminals have been all too quick to exploit. And in 2020, this issue only grew more significant, further impacting the security of ecommerce sites. Between September and October alone, the FortiGuard Labs team saw a 140% increase in attempted attacks targeting this space. With the knowledge that more people are shopping online now than ever before, cyber criminals have taken advantage of the increase in virtual queues and slow web processing times. With digital transformation comes the expansion of the threat landscape, presenting various opportunities for cybercriminals to target unsuspecting individuals. One strategy that threat actors have adopted is placing ads or links on trusted websites to lead shoppers away from their secure browsing experience, usually with the promise of a great deal. Upon arriving at the fraudulent site, shoppers will be directed to enter access credentials – including a username and password – that a cybercriminal can then use on the real website to steal personal information. Through the deployment of phishing, malware, and man-in-the-middle attacks, and by leveraging Rogue Access Points (APs), cyber
