Across the globe, the number of network-enabled devices is growing. As a result, enterprise information security threats are becoming a pervasive issue for companies. As digitally enabled services reveal new threats to the overall landscape, equally innovative and sophisticated technologies are needed to combat these coordinated threats.
Comcast has faced these challenges in their own retail locations across 445 stores nationwide. Recently, the Retail Industry Leaders Association (RILA) hosted Noopur Davis, Comcast’s Chief Product and Information Security Officer, to present on how Comcast’s cybersecurity team established an effective cybersecurity posture for their Xfinity retail stores.
Davis led the initiative to identify cyber threats to in-store networks, design strategies for proactively protecting customer data, and implementing internal control measures to keep up with attacks. Davis shared how she and her team approached securing their retail locations as well as best practices for other retailers to develop a holistic cybersecurity program that helps ensure safe and secure digital experiences for customers and employees.
To start their process, Davis and her team did a full risk assessment, which included a review of employee cybersecurity training, devices including workstations, laptops, tablets, point-of-sale systems and in-store cameras, network segmentation including access, proxy and unified threat management, and applications. The following is a breakdown of the key areas Davis and her team focused on:
Cybersecurity training: Needs to be customized based on the specific threat risks of each location.
Workstation devices: Provide full endpoint protection suite including endpoint detection and response, data loss prevention, configuration compliance monitoring, file integrity monitoring, hard drive encryption, and forensic analysis agent.
Payment terminals devices: Conduct a security assessment to ensure hardened configuration and application security (AppSec) to protect the retail location’s critical data from external threats by ensuring the security of all of the software used to run the business
Camera and IoT: Be sure to secure configuration and monitoring of cameras and other IoT devices.
Network security: Provide network access controls, security network configuration, URL filtering, DNS anomaly detection and continuous security posture assessment and verification.
By ingesting data on the above elements, Davis and her team were able to use machine learning (ML) to generate risk scores that estimate the probability of a security event at each specific location. This ML-based prediction of security exposures was based on a comprehensive set of security risk indicators. The details of each store’s root cause analysis also included actionable and addressable items for each location to stay ahead of risks and change with the business.
Davis concluded that security models need to be driven by the specific location vulnerabilities. It is important to note that there is no one-size-fits-all solution, so each retail location must complete regular assessments and use that data to inform their specific security model and any necessary adjustment needed. Davis emphasized that cybersecurity is a journey and not a destination – and her team remains focused on continuous cybersecurity improvements of our retail stores.