As the festive season fast approaches, shoppers are looking to online retail to avoid the packed malls and the long, tedious queues. The good news is that South Africa’s online retail sector is growing at a steady pace, writes Cathy Smith, MD of Cisco Southern Africa.

In fact, Statistics South Africa figures show that retail trade sales notched up by 3,3% in 2015, compared to 2014, to R762 billion. Additionally, the 2016 Nielsen Mobile Shopping, Banking and Payment Survey, found that mobile devices have become an indispensable shopping companion, with South African respondents saying they used their mobile device to research (59%) or purchase (36%) a product or service online.


As online shopping gains popularity, cyber-crime soars

With that in mind it is therefore no surprise that online shoppers are prime targets for cyber criminals. Despite our hyper-awareness of this fact, the truth is that cyber criminals are getting smarter. In the past, many online criminals lurked in the shadows of the Internet, avoiding detection.

Today, some emboldened cybercriminals are tapping into legitimate online retail stores. Gone are the days where a cyber-criminal may be easily detected and even apprehended. According to Cisco 2016 Annual Security Report, today’s attackers have the know-how evade and reconstruct. In other words, attackers are building resiliency into their operations. If detected, attackers quickly reconfigure and can reconstitute on new systems with new IPs in minutes. This places the online shopper in serious danger. Online retailers therefore need to rethink the way they manage attacks.


Power in numbers

The online retailer now has a responsibility to ensure the safety of their shoppers. The Cisco Annual Security Report notes that at present the largest constraint to protecting any organisation is a low degree of collaboration.

During security incidents, on average only 21% of businesses notify business associates, only 18% notify external authorities and a mere 15% notify insurance companies. With little communication around cyber security issues, cyber criminals continue with consistent attacks. Collaboration also reduces the time to detection of future attacks. We define “time to detection,” or TTD, as the window of time between the first observation of an unknown file and the detection of a threat. A reduced TTD essentially ensures a faster response time.

In the post–Edward Snowden era, retailers can no longer afford to not internally collaborate against cyber- attacks.


Safeguarding the shopping mall of the future

South African online retail has the potential to grow from strength to strength, if shoppers feel secure when entering the online realm. For the past 25 years, the traditional model for security has been “See a problem, buy a box”.

But these solutions, often a collection of technologies from many different security vendors, don’t talk to each other in any meaningful way. They produce information and intelligence about security events, which are integrated into an event platform and then analysed by security personnel.

An integrated threat defence architecture is a detection and response framework that offers more capabilities and supports faster threat responses by collecting more information from deployed infrastructure in an automated, efficient manner. Although cyber-criminals are evolving at a rapid pace, the implementation of a richer network of security architecture can mean the difference between longevity and success.