Search
Close this search box.

We are creating some awesome events for you. Kindly bear with us.

The Philippines to Strengthen POS Systems’ Cybersecurity in Retail

As more companies in the Philippines, particularly those in the retail sector, embrace digital transformation, a cybersecurity plan should be in place as retail firms make the online transition. When it comes to security, it is crucial to acknowledge that all POS systems pose some level of risk. Many attackers are simply looking for targets by exploiting vulnerable systems and launching automated attacks on their POS environments.

The Covid-19 pandemic has increased pressure on global and local businesses to “transform” in order to remain competitive. However, according to a cybersecurity firm, this transformation should be accompanied by a solid cybersecurity strategy. With retail shifting much of its business online, many have considered adopting software-defined wide-area network (SD-WAN) technology to get the high-speed connectivity they need for their various POS systems and applications, as per the country manager of a cybersecurity firm in the Philippines.

The executive added that this new solution, however, may “open” the business networks of retails firms “to new vulnerabilities and threats and that retailers need to find a better way to secure their network environment.”

Point-of-sale (POS) malware is now one of the cybercriminals’ primary sources of stolen payment cards. Despite making headlines in the last year, the POS malware threat has been slowly germinating since 2005.

The Manager of Systems Engineering at the global security and provider in the Philippines said retail firms continue to face the challenges of digital transformation, including managing risks and compliance, having end-to-end visibility, and operational efficiency. On top of these challenges, he said, retail firms must also address cybersecurity issues. One very common issue is data security: data stored in retail firms’ point-of-sale (POS) devices and in the cloud are “a common and lucrative target for cybercriminals.”

According to the security and network provider, “for retailers to achieve security proficiency, maintain PCI compliance, and stay up to date with ever-changing data privacy regulations, their information technology (IT)T teams require extensive visibility and control across environments.” Considering the number of devices and POS systems dispersed across store locations, it can be easy for security teams to lose track of what they’re meant to protect – therefore, end-to-end visibility must be achieved early on, and continuously maintained, in any retail cybersecurity plan, the company said.

This necessitates an integrated security fabric that enforces consistency across the entire attack surface; it should also enable centralised and consolidated management and control, even in the largest distributed retail networks. There are numerous ways for a POS to prevent data breaches or accidental data misuse. If your point of sale is used to collect customer data, such as contact or payment information, your company will be held liable in the event of a data breach.

As a result, many retailers now use network-level encryption even within their own networks. While that change safeguarded the data as it moved from one system to the next, credit card numbers are not encrypted in the systems themselves and can still be found in plain text within the memory of the POS system and other computer systems responsible for processing or passing on the data. Because of this vulnerability, “RAM-scraping” malware has emerged, allowing attackers to extract data from memory while the data is being processed inside the terminal rather than when the data is travelling through the network.

The manager also stated that it will depend on the requirement of a local retailer. The executive said local retailers can start “small.” Perhaps they can secure a few servers or secure a subscription-based security plan, he added. The company further said, “the evolving nature of technology and changing consumer expectations is a constant — something retailers quite simply must embrace or avoid falling behind.” For businesses to survive in this new era, they must adapt and accept that their success ultimately hinges on how well they can utilise digital technology in its many forms, the company noted.

PARTNER

Qlik’s vision is a data-literate world, where everyone can use data and analytics to improve decision-making and solve their most challenging problems. A private company, Qlik offers real-time data integration and analytics solutions, powered by Qlik Cloud, to close the gaps between data, insights and action. By transforming data into Active Intelligence, businesses can drive better decisions, improve revenue and profitability, and optimize customer relationships. Qlik serves more than 38,000 active customers in over 100 countries.

PARTNER

As a Titanium Black Partner of Dell Technologies, CTC Global Singapore boasts unparalleled access to resources.

Established in 1972, we bring 52 years of experience to the table, solidifying our position as a leading IT solutions provider in Singapore. With over 300 qualified IT professionals, we are dedicated to delivering integrated solutions that empower your organization in key areas such as Automation & AI, Cyber Security, App Modernization & Data Analytics, Enterprise Cloud Infrastructure, Workplace Modernization and Professional Services.

Renowned for our consulting expertise and delivering expert IT solutions, CTC Global Singapore has become the preferred IT outsourcing partner for businesses across Singapore.

PARTNER

Planview has one mission: to build the future of connected work. Our solutions enable organizations to connect the business from ideas to impact, empowering companies to accelerate the achievement of what matters most. Planview’s full spectrum of Portfolio Management and Work Management solutions creates an organizational focus on the strategic outcomes that matter and empowers teams to deliver their best work, no matter how they work. The comprehensive Planview platform and enterprise success model enables customers to deliver innovative, competitive products, services, and customer experiences. Headquartered in Austin, Texas, with locations around the world, Planview has more than 1,300 employees supporting 4,500 customers and 2.6 million users worldwide. For more information, visit www.planview.com.

SUPPORTING ORGANISATION

SIRIM is a premier industrial research and technology organisation in Malaysia, wholly-owned by the Minister​ of Finance Incorporated. With over forty years of experience and expertise, SIRIM is mandated as the machinery for research and technology development, and the national champion of quality. SIRIM has always played a major role in the development of the country’s private sector. By tapping into our expertise and knowledge base, we focus on developing new technologies and improvements in the manufacturing, technology and services sectors. We nurture Small Medium Enterprises (SME) growth with solutions for technology penetration and upgrading, making it an ideal technology partner for SMEs.

PARTNER

HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices. 

PARTNER

IBM is a leading global hybrid cloud and AI, and business services provider. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM’s legendary commitment to trust, transparency, responsibility, inclusivity and service.