A mix of email security, social engineering, data protection and PCI DSS training modules are prescribed to address retail’s biggest security awareness challenges

PITTSBURGH, PA - November 1, 2016 - 

Retail organizations have long been a target for cyber criminals seeking opportunities to gain access to valuable credit card and personal information, as well as internal policies and procedures. Wombat Security Technologies (Wombat), the leading provider of cyber security awareness and training, today announced the launch of its Security Awareness and Training Program for Retail Organizations to help combat the cyber security and education challenges unique to retail enterprises.

According to Symantec, the retail industry sector was the most heavily exposed to phishing attacks[1] in 2015, and Gemalto reported more than 40 million retail records were lost or stolen[2]. The average cost per record breached across retail organizations is $172[3] according to the Ponemon Institute, and Wombat’s Beyond the Phish™ 2016 report revealed 37% of users in the retail industry performed poorly on assessment questions related to proper protection and disposal of sensitive data. With Verizon reporting a staggering 63% of confirmed breaches involving the use of weak, default or stolen passwords and a third of employees opening phished messages or links[4], these costly attacks are fueled by the industry’s wide spread lack of knowledge on security best practices.  

“The discovery that end user behavior leads to a massive volume of cyber security risks within retail is both a concerning and addressable revelation for leaders in a retail enterprise,” said Joe Ferrara, President and CEO, Wombat. “Many of the security pain points retail organizations are experiencing today can be addressed and negative impacts significantly reduced with greater security awareness. Wombat developed this prescriptive training format with retail organizations specifically in mind, and it addresses each area of concern with actionable, measurable, and effective educational strategies. Our retail customers that have applied our methodology with success are already seeing significant reductions in vulnerability and risk after deploying the Wombat program.”

Wombat’s Security Awareness and Training Program for Retail Organizations follows the company’s proven Continuous Training Methodology, and the program bundle includes:

  • Assessment of End User Knowledge. Kicking off cyber security education efforts with a Payment Card Industry Predefined CyberStrength evaluation will give retail organizations a baseline measurement of staff’s knowledge on PCI DSS and allow program leaders to immediately address areas of vulnerability.
  • Assessment of End User Vulnerability. ThreatSim’s phishing simulations can be used in concert with CyberStrength knowledge assessments to evaluate users on multiple threat vectors, such as malicious attachments, embedded links, and requests for personal data. Program leaders can track results at the campaign and user levels to focus on the areas within the retail space that need the most improvement.
  • Building End User Knowledge of Email Security, Social Engineering, Data Protection and PCI DSS. Additional modules on mobile device, password, and physical security, as well as identifying unsafe URLs and how to protect against ransomware are recommended for retail organizations looking to support an effective ongoing reinforcement program.
  • Reinforcing and Leveraging End User Knowledge. Wombat’s PhishAlarm email client add-in enables employees to report a suspected phishing email with a single mouse click, allowing the IT security team to begin an investigation. Materials such as posters and graphics placed in common areas can be used as visible reminders or best practices learned. Articles to include in organizational newsletters or posted to an intraweb will be available for delivering year round reminders of the importance of completing trainings and staying up-to-date on the latest threats.

Companies deploying Wombat’s Security Awareness and Training Program for Retail Organizations will have access to detailed reports that offer broad and granular insights into assessment results, progress checks and additional gamification techniques to further motivate users and encourage participation. This approach coupled with Wombat’s Continuous Training Methodology has allowed Wombat’s retail customers to experience up to a 99% reduction in phishing vulnerability.

To learn more about the Security Awareness and Training Program for Retail Organizations, including Wombat’s suggested program plan, which maps out a recommended schedule for assessments and training assignments, please contact Wombat at info@wombatsecurity.com.

About Wombat Security Technologies
Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Their SaaS-based cyber security education solution includes a platform of integrated broad assessments, as well as a library of simulated attacks and brief interactive training modules. Wombat's solutions help organizations reduce successful phishing attacks and malware infections up to 90%. Wombat, recognized by Gartner as a leader in the Magic Quadrant for Security Awareness Computer-Based Training Vendors, is helping Fortune 1000 and Global 2000 customer in industry segments such as finance and banking, energy, technology, higher education, retail and consumer packaged goods to strengthen their cyber security defenses.

 

Wombat Security Contact:
Julie Frey
wombat@shiftcomm.com
512-792-2550

Susan Mackowiak
press@wombatsecurity.com
412-621-1484 x 126