UPDATED 19:57 EDT / NOVEMBER 11 2013

NEWS

Cyber Monday, Cybercrime playday, up to $3.4 Million/Hour at risk – RSA report

A recent RSA announcement introduced the results of a study conducted by the Ponemon Institute that examined the cost of fraud and online disruption coinciding with Cyber Monday (December 2). Cyber Monday is of course just around the corner, and it’s the biggest online shopping day of the year, taking place annually on the Monday after Thanksgiving. The study surveyed 1,100 IT staff in retail organizations in the U.S. and UK. All this shopping activity is a massive target for cybercrime, and the report addresses a number of the issues that come with it. Also discussed were the most popular and most damaging methods of attack, from payment and account fraud, to mobile and online account hijacking, to Denial of Service attacks – lots of stuff going on during Cyber Monday that may not be at the forefront of people’s minds.

Major findings

Some of the most notable findings include:

  • Cyber Monday represents an average 55% surge in daily online/mobile retail revenues.
  • A corresponding surge in attacks drives hard losses, on average, as much as $500,000 per hour or $8,000 per minute.
  • Customer churn from reputation and brand damage can drive losses to as much as $3.4 million from a single hour of disruption.
  • While 64% of organizations see significant increases in attack activity, only 23% of attacks can be detected quickly and remediated, and nearly 70% of organizations do not take additional precautions in anticipation of increased attacks.

A $3.4 million loss from a single hour of disruption is a stunner. Another astonishing discovery is that although a majority of merchants experience a spike in attacks centered around the holidays, most admit they are not able to detect them.

Risk-layered security approach and Security Analytics

RSA IT Threat Strategist Demetrios Lazarikos, an alumnus of theCUBE, adds the following:

“The competitive climate and the unpredictability of the economy does not leave organizations much margin for business error. Unfortunately, the stealth and savvy cybercriminals have advanced to a point where traditional security and fraud defenses on which businesses rely are at best insufficient and at worst…obsolete. Business logic abuse hides in plain sight because it uses ‘legitimate’ processes for illegitimate gain. The problem requires universal visibility, a risk layered approach, and a new way of understanding the adversary. Isolating the outliers in crowd behavior that indicate attacks is critical for identifying malicious behavior and business logic abuse.”

Lazarikos alludes to analytic security here, and RSA’s Security Analytics platform is part of the multi-layered technology foundation that is delivering this type of next-generation security and making a lot of waves in the enterprise. Without a doubt, there are a number of emerging products and options out there, but with EMC’s position in the market as an enterprise juggernaut and its long history of collaborative business relations, the platform is growing rapidly.

Security innovation is a business advantage

Dr. Larry Ponemon, Chairman and Founder of The Ponemon Institute, adds:

“While the findings here are admittedly shocking, they underscore an age-old issue in that budgets and business dynamics perpetuate vulnerability and keep organizations behind the eight ball. However, all is not lost. Forward-thinking organizations that have the agility to break from the status quo and embrace innovation can not only better protect their business, but also gain a massive advantage. Reducing losses from fraud and increasing trust in the brand can propel a business ahead of its competitors.”

Dr. Ponemon invokes the specter of risk in the business picture and even suggests that solid security is not just protection but goes well beyond that, into the realm of an actual business advantage. Better security means a better business.

Cybercrime opportunities

Clearly, there’s plenty of opportunity for cyber-fraud as the holiday shopping season approaches, and you can bet that cybercriminal groups are gearing up for attacks against retail organizations as we get closer. The RSA/Ponemon report indicates an alarming lack of organizational preparedness and lack of action in the face of this very urgent and inevitable threat. The threat scenarios are many, and include the following list, ordered by likelihood:

  • Botnet and Distributed Denial of Service (DDoS)
  • App Store Fraud
  • Mobile Access/Account Compromise
  • Click Fraud
  • Stolen Credit Card Validation
  • eCoupon Abuse
  • Account Hijacking
  • Electronic Wallet Abuse
  • Brand Promotion Hijacking

It should be pretty clear that familiar and ugly-looking stuff is on the horizon, just turned way up and with bigger impact. Cyber Monday harbors these kinds of threats because of the magnitude of retail activity taking place. The thing about a great majority of these threats is that with a comprehensive security program in place, much of the damage that can come from incidents can be tempered or even eliminated. A lot of that depends on the classic foundation built on training, policy and technology, but Cyber Monday and the scale of activity it introduces really emphasize the technology aspect of it. Tools that introduce real-time web traffic visibility can help organizations get down to root causes quickly. Naturally this means massive efforts and expenditures, but the alternative as revealed within the report could mean some pretty big revenue-impact exposure. Cyber Monday is not for the meek, and that goes double for the security community.
