Retailers can reduce cyber liability risk if managers know exactly where computer files containing sensitive information is stored.
Many retailers are “expanding their digital footprints” and storing personal information – such as customers’ names and addresses – on computers, noted Rocco Galletto, leader of Deloitte’s Cyber Security Managed Services practice in Canada, in an interview Friday.
Quite often what happens is a retailer “didn’t realize that a particular piece of data” was on “that particular” computer server or electronic storage device, suggested Galletto, commenting in general and not on any particular retailer.
A breach of sensitive data can be caused by “physical theft of electronic data,” a malicious insider or employee error, notes Wawanesa Insurance.
A retailer can be punished by government privacy officers – and even sued by people whose sensitive information was compromised – in the event of a data breach. This is true even if the retailer is innocent of any wrongdoing and the customer does not suffer a financial loss.
For example, Home Depot – whose payment card system was hacked in 2014 – agreed as…
