Security for Retail Assets During a Pandemic

By: Maureen Gray and Mark Hoffman of Blue Ridge Networks

Now that we are more than six months into 2020, we’re getting a clearer sense of how the cybersecurity landscape has been affected. Throughout the pandemic, we’ve seen a steady increase in the volume of both successful and attempted cyberattacks. In the past six months, cyberattacks have been more tactical and targeted than ever. As a result, they’ve had a greater success rate and a devastating impact on countless businesses worldwide. The retail industry has been hit particularly hard during the coronavirus pandemic. After having to close their doors to comply with social distancing mandates, reopening has caused businesses to become a high priority cyberattack target yet again. The majority of these attacks were on devices that were not effectively segmented from the network, giving malicious actors the ability to move laterally through an otherwise secure infrastructure.

By integrating e-commerce platforms into back end systems such as inventory, payment, and data networks, retailers have created significant opportunity for a breach. Physical stores present cybersecurity challenges of their own, with both telecom and endpoint security solutions introducing new endpoints that may be compromised. The new and evolving tactics used by hackers have made many legacy security solutions ineffective in protecting against an attack – even if they are compliant with industry regulations.

According to the 2019 Thales Data Threat Report, 62 percent of U.S. retail survey respondents reported a breach in their history, 96% use sensitive data on digitally transformative technologies, and only 36% use data encryption within their environment. As payment security breaches have increased throughout the years, retailers are faced with an increased number of controls required by the PCI DSS and an increased fine for noncompliance. Yet, even PCI compliant organizations are still experiencing breaches. With the cost and complexity of deploying traditional IT solutions across disparate remote stores, it becomes extremely challenging to ensure all controls are in effect. 

Our case study tells the story of how a major retailer segmented and secured its networks and POS devices, while maintaining connectivity and uptime for its 220 remote stores. In doing so the retailer reduced CapEx and OpEx by 50% through PCI Network simplification, completed PCI audits 60% faster without additional IT staff, and reduced attack surface by 90% through cloaking, network isolation, and encryption. All this for an affordable fixed cost per store. You can find more stats and learn more by reading the full Retail Case Study, here.

Maureen Gray created the Managed Services division within Blue Ridge Networks nearly 20 years ago to provide secure outsourced remote access and site to site network services to government agencies and commercial customers, especially within the healthcare and financial industries. She designed and established multiple SAS-70 certified secure Colocation facilities to house both managed services customer equipment and Blue Ridge management equipment. She also implemented the Blue Ridge system for Secure Remote Access with Single Sign-on to Active Directory, using government-issued Common Access Card (CAC) certificates, within the DOIM communities.
Mark Hoffmann is VP of Marketing for VentureGroup Enterprises and is contracted by Blueridge Networks. He’s a graduate of Southern Illinois University with a Communications degree and has sat on the Channel Advisory Boards of Verizon and AT&T. For more information on Blueridge Network solutions contact Mark at