Retail Employees Lack The Ability to Identify Security Best Practices, Survey Finds.

By Christine Kern, contributing writer

Just 29 percent are aware of best ways to prevent cyber and data privacy incidents.

Retail employees are not that savvy when it comes to identifying the best practices for cyber security incident prevention, according to a new survey from MediaPro. The 2017 Privacy & Security Awareness in Retail Report found that just 29 percent of retail employees could identify such best practices.

MediaPro surveyed 847 retail employees across the U.S. across eight common data privacy and cybersecurity risk areas. The study found that 71 percent of them were profiled as “risks” or “novices,” whose actions could lead to a leak of sensitive customer data. Further, just 29 percent were profiled as “heroes,” who held strong knowledge of security and privacy best practices. These individuals are best-prepared to deal with many cyber threats.

The survey demonstrates that, even as the industry is being pushed to adopt mobile payment technologies to enhance customer experiences, they are lagging in the means to protect that data. Despite the increased attention on payment card industry (PCI) compliance, retail remains a popular target for cybercriminals. MediaPro asserts that retailers need to address cybersecurity and data privacy not just as compliance matters, but as risk management matters. In fact, for the first time ever in 2016, 100 percent of retailers cited data privacy and security breaches as a potential risk to their business in 2016.

Since retailers face an average of 8 cyberattacks per year, with an average cost of a data breach at $4 million, and 43 percent of all retail organizations experienced at least one phishing attack in the last six months of 2016, it is clear that training employees to be vigilant against cyberattacks must become a clear part of the retail agenda.