It’s hard to believe Thanksgiving is almost here, and with it, the frenzy of the holiday shopping season fast approaches. Whether you are camping out overnight for “Black Friday” bargains, or waiting for the online deals of “Cyber Monday,” the odds are you are more nervous than ever about the safety and security of your financial information against holiday scammers. At least, so indicate the results of UpGuard’s survey of over 1,200 respondents in November 2016. The survey finds that 95% of consumers are to some degree concerned about the security of their information online, and more than half would break with their favorite brands if they knew their information was at risk; full survey results can be viewed here.
Such concerns are, unfortunately, not unwarranted; a series of massive data breaches of retail chains such as Home Depot and Target have exposed the information of millions of customers to nefarious information thieves. Fortunately, there is an easy way of assessing the cyber risk of using your financial information for online shopping; as of today, anyone can now download a Google Chrome extension that will scan every website they visit and automatically produce a CSTAR score, a single measure of cybersecurity risk indexed between 0-950. Higher numbers carry a green icon to indicate a more secure website, while middling and low numbers indicating greater cybersecurity risk are given corresponding orange and red icons, respectively.
UpGuard graded the cybersecurity of the top 25 online retailers (according to eMarketer) and found a massive range of scores. Any score under 550 is considered in the “danger zone” of cybersecurity risk. The full table of results, ordered from best performers to the worst, is included below.
The Home Depot
Shop with prudence, and look for online retailers that score well using the CSTAR metrics, to ensure your information is securely handled. You learn about and download the Chrome extension here. Safe shopping, and happy holidays!
Misconfigurations are an internal problem that emanate from within the IT infrastructure of any enterprise; no hacker is necessary for massive damage to occur to digital systems and stored data. And the problem is pervasive, with Gartner estimating anywhere from 70% to 99% of data breaches result not from external, concerted attacks, but from internal misconfiguration of the affected IT systems.