LP Magazine

JUL-AUG 2014

LP magazine publishes articles for loss prevention, asset protection, and retail professionals covering shrinkage, investigations, shoplifting, internal theft, fraud, technology, best practices, and career development.

Issue link: http://digital.lpportal.com/i/352439

Contents of this Issue

Navigation

Page 19 of 68

reevaluated, and a collaborative security strategy that includes loss prevention absolutely must be part of the conversation," Foster states. "The success of the organization simply depends on it." Building Bridges "When it comes to dealing with data-security issues in the business world, there are basically two kinds of companies—those that have discovered that they've been breached, and those that have been breached and don't know it." While this may be a strong statement, it offers an equally powerful message to the retail community. We recently sat down with Brian White, who leads the global security services business for The Chertoff Group. As previously mentioned, The Chertoff Group is a global security advisory firm that provides clients with high-level security strategies that are designed to help manage risks and protect against a wide spectrum of business threats. White works with a broad range of clients who are seeking a new strategic direction to meet their growth objectives. He primarily focuses on cyber-security and innovative technology. The retail industry has become a primary target for malicious cyber activity, with both individuals and criminal networks trying to steal financial information, identity information, and credit card information. But issues have the potential of going even deeper. As demonstrated by recent U.S. indictments against Chinese military officers accused of stealing trade secrets from American companies, there is even the potential for business strategies, processes, products, and other valued information to be targeted by nation states seeking to pirate intellectual property and related business assets. "There are also many ways that these breaches can occur," states White. "That's part of what makes it such a complex issue. Some methods are fairly unsophisticated, exploiting people's natural inclination to trust others, for example. False emails may be sent to company employees, encouraging the employee to open a file or download a link that allows the criminal to back their way into the network and ultimately exposes the business to the intrusive malware—a process commonly referred to as 'spear phishing.' Other methods may be much more sophisticated, with the cybercriminals investing in any number of intricate tools that will allow you to hack into the system." While such threats can never be eliminated entirely, a key aspect of any protection policy is managing the potential risks. This involves understanding where your vulnerabilities may occur, what the potential consequences might be, and working together internally as a team to minimize those vulnerabilities. This is where retail must continue to build the bridges within our existing infrastructure. Throughout the retail environment, the LP and IT departments typically have very different roles and responsibilities. Their functions within the organization are carved from distinctive stones, BUILDING A NEW DEFENSE TEAM Brian White 19 LP MAGAZINE | JULY - AUGUST 2014

Articles in this issue

Archives of this issue

view archives of LP Magazine - JUL-AUG 2014