"Most often, phishing emails with malicious attachments and links,

[tanjimajuha20]

my opinion, is to increase the efficiency of previously made investments in information security and to solve specific problems of import substitution or modernization of security systems," comments Daniyar Iskhakov. "Retail has never previously felt like a target for global hacker attacks and was more focused on the development of IT that supports and develops business. The costs of the information security system were largely perceived as formal obligations to comply with personal data protection requirements. Retail, like the financial sector, has a high level of digitalization, but the need to provide macedonia whatsapp resource convenience and functionality for business users and the absence of any restrictions from the regulator often led to the use of foreign or open-source solutions in both IT and information security, since domestic solutions were previously significantly inferior in functionality and ease of use. But retailers felt the problem of the complexity of extending support and scaling foreign solutions and / or a shortage of information security solutions to ensure the security of their IT infrastructure, so they are more focused on the implementation of new information security solutions, ensuring the staffing of information security specialists to service new security systems and their training.

as well as publicly available applications and services that provide remote access to the internal network from the Internet (publicly available RDP servers, VPN services, including using valid existing accounts) are used for initial penetration into the internal network of retail and e-commerce companies," says the report based on the results of the Angara Secutiy study, according to which the retail industry is named among the three most attacked by the results of 2023. The main penetration vectors are phishing and social engineering, attacks on supply chains and through open source solutions. In these conditions, according to Angara Secutiy analysts, the cyber literacy of employees is becoming an important factor in ensuring cybersecurity for retail and e-commerce.

"In my opinion, the prioritization in these industries is primarily related to the specifics of the work and processes," said Denis Chigin, Head of the Technological Expertise Department at Softline. "The same retail is inclined to constantly expand its presence in some stores, which requires additional personnel and their training. This, in turn, leaves its mark on what kind of information security projects it implements, since the events that colleagues in retail are trying to prevent are dictated by the same industry specifics. Moreover, I would not call the level of digitalization in retail, at least in large chains, low. It is enough to look at how quickly the segment adapted to the COVID realities. And I would not say that development somehow slowed down and stopped after that. In other industries, development may be moving along slightly different vectors, which leaves its mark on the priorities in terms of information security projects."