Tenable says that in fact, the Office of the Australian Information Commissioner’s Notifiable Data Breaches report revealed that the Australian retail sector was the third most targeted industry when it comes to cyberattacks, after finance and health.
Tenable notes that with the increasing sophistication in cybercrime, the rise in regulatory demands, and customers’ high expectations for digital experiences, it is urging fashion brands to strengthen their cyber defences and make Active Directory (AD) security a strategic imperative.
“AD has become the favoured target for attackers to elevate privileges and facilitate lateral movement through leveraging known flaws and misconfigurations,” said Scott McKinnel, country manager for Tenable ANZ.
“Unfortunately, most fashion organisations struggle with AD security due to misconfigurations piling up as domains increase in complexity, leaving security teams unable to find and fix flaws before they become business-impacting issues.”
Tenable says that the fashion industry, like many other industries, faces a number of security challenges when it comes to protecting its AD environment.
“Mergers and Acquisitions (M&A) can present a significant challenge for the fashion industry when it comes to AD security. During the M&A process, companies may need to merge multiple AD environments which can be complex and time-consuming and can be difficult to ensure that all systems and data are properly integrated and secured,” warns Tenable.
“Supply chain attacks target vulnerable third-party suppliers or vendors to gain access to a target organisation's systems and data. In the context of AD, an attacker could exploit vulnerabilities in a third-party software or service integrated with AD to gain access to sensitive information, such as customer data and financial information
“Today, data is the most valuable asset for fashion businesses. The idea of data security for the fashion vertical has expanded beyond the traditional safeguarding of designs and patterns to include valuable information regarding customer demographics and shopping habits. The main security threat comes from industrial espionage — competitors trying to obtain classified information stealthily.”
Tenable says Active Directory is equipped with the capabilities to proactively detect security threats within a fashion company’s AD infrastructure — arising from merger & acquisition activities, weak links in the supply chain and poorly guarded data— and respond to live attacks to stop attackers in their tracks.