Last week, the Footwear Distributers and Retailers of America (FDRA) hosted a briefing on cybersecurity trends in the retail industry. In light of the high-profile data breaches in 2014 — including many at the retail level — the briefing aimed to inform the footwear industry on the nature of today’s cyber threats and the way to most effectively secure private information.
Keynote speaker Rick Howard, the chief security officer at Palo Alto Networks, described an ongoing shift in the way the cybersecurity community is approaching data protection. Many companies are moving from an emphasis on “layered defense” to a so-called “indicators of compromise” model. The traditional approach calls for a series of protective layers (such as firewalls) around a network in order to keep hackers out. But due to the increased sophistication of today’s cybercriminals, defense walls are more and more likely to be breached. Under the new approach, cybersecurity is conducted by analyzing the full “kill chain” — every step that a hacker must take to reach its target. By monitoring abnormal activity at each point in the chain, companies can holistically assess their network security.
Cybersecurity innovation is also a hot topic on Capitol Hill. It was noted at the briefing that Congress is considering legislation that would encourage companies to share information on data breaches with the federal government and each other. And the White House recently renewed its call for Congress to pass a bipartisan cybersecurity bill. Thus, the cybersecurity regulatory landscape could see changes in the near future, and companies should be vigilant about compliance with any new requirements.