CIOReview
Sign In

Subscribe to our Weekly Newsletter to get latest updates to your inbox
| | SEPTEMBER 20218CIOReviewIN MY OPINIONE-COMMERCE SECURITY: SAFEGUARDING YOUR ONLINE BUSINESS IN THE NEW NORMALBy Parag Deodhar, Director - Information Security, Asia Pacific, VFAs internet access and adoption rapidly increases around the globe, the share of E-Commerce in the retail industry is growing exponentially. This trend has accelerated in the last one year as wary consumers opt for shopping online to minimise the pandemic risk.Retailers had to pivot theirE-Commerce strategies to cope with this sudden shift and adopted innovative methods like virtual shopping, livestreaming, contactless delivery and new payment methods. Retailersalso had to upgrade their E-Commerce applications, hosting platforms and services for optimal customer experience. This shift from brick and mortar to online shopping may well be permanent and E-Commerce is expected to remain a dominant trend going forward. However, this growing trend also entailshigher cyber risk for the E-Commerce business and requires due focus.E-Commerce, by its very nature of online transaction has always been the target for various cyber-attacks and frauds like theft of consumer and credit card data, denial of service attacks, fake websites and many more. Such attacks not only expose the business to financial losses and legal risk, but also impact the brand reputation in the long term.Consumers are also becoming cyber-savvy and want a secure shopping experience. Many businesses build their E-commerce applications on platforms provided by vendors,which enable them to leverage the best technology available and offers convenience and agility in launching the business. These platforms, like any other software are prone to vulnerabilities and need to be patched and tested regularly. Some applications use external or open source public software librariesdownloaded from online repositories or content delivery networks (CDN). Cyber criminals embed malicious code in these libraries or scripts served by CDN, making them vulnerable to "supply chain" attacks. Most modern applications are now built with open Application Programming Interfaces (APIs) and micro-services to integrate easily with external partners, payment gateways, inventory management systems, logistics partners, customer
< Page 7 | Page 9 >