Retail and Technology

Cyber Monday clicks on risk management

November 29, 2013
Text Size:
A key component of cyber risk management is data security. Photo via

Cyber Monday has become one of the biggest shopping days of the year — and a marker of the year-round risk of selling online.

Cyber Monday sales reached $1.47 billion in 2012, which was 17 percent higher than the year before, according to a report last year.

Sales totals are expected to increase again this year, though the percentage of growth will most likely be less than what was seen previously.

With that kind of spending expected, there is a lot at stake for businesses hoping to make the most of Cyber Monday sales.

Businesses need to make sure they are ready for that influx of customers, according to risk management firm Aon.

Topping the Cyber Monday to-do list are making sure websites can handle the increased traffic and making sure customer data is secure, said Steve Bridges, senior vice president of Aon Risk Solutions.

“There are lots of things companies can do from a network infrastructure perspective to make sure they have enough server capacity,” Bridges said.

Data security

Surprisingly, he said Cyber Monday does not pose a higher risk than other days of the year, but it’s a good time for companies to think about their data security.

“You should have network security practices and procedures in place to protect your data, including things like encryption and making sure (of the) vendor you use to assist with payment processing," Bridges said. "A lot of the retailers use third parties to help them process credit card transactions — properly vetting those vendors is important to make sure they have adequate security measures in place."

Bridges also said more companies are purchasing cyber coverage to protect themselves from the potential financial ramifications of a data breach.

“There’s lot of examples out there of large retailers, or small, that have lost credit card information and suffered large damages due to data breach,” Bridges said.


A company can incur a variety of costs if data is stolen: costs of notifications that companies are legally required to undertake; forensic costs to determine what happened; costs of involvement by the state attorney general or other regulatory body and costs of customer relations responses, such as credit vouchers.


And then there are the potential lawsuits.

For instance, Bridges pointed out that the supermarket chain Schnuck Markets recently reached a costly class action settlement, following a data breach that compromised 2.4 million credit and debit cards.

Recent Articles by Charlsie Dewey

Editor's Picks

Comments powered by Disqus