IBM (NYSE: IBM) today announced the SecureStore framework, a new way to provide retailers with cost-effective solutions to help reduce the billions of dollars of losses caused each year by physical theft, electronic data breaches and compliance violations.
Retailers today in every segment are under tremendous pressure to protect margins amid a "perfect storm" of business risk:
* Preventing physical loss, increasingly perpetrated by organized criminal groups;
* Protecting against database breaches and other electronic threats, often perpetrated by those same criminal groups;
* Complying with Payment Card Industry (PCI) regulations for customer data protection.
According to the 2008 National Retail Federation Organized Retail Crime Survey, 85 percent of the retailers surveyed indicated they had been victims of organized retail crime in the last 12 months. This represents as much as $30 billion in retail losses each year, according to the Federal Bureau of Investigation. These same criminal organizations are also attacking retailers online and are largely responsible for the 245 million electronic personal records that have been stolen since January 2005, according to the Attrition.org database of data breaches.
"We are seeing threat convergence in the retail sector. The same organizations perpetrating in-store theft are also attacking retailers online," said Val Rahmani, general manager of IBM Internet Security Systems. "When you combine this trend with threats such as insider theft and Web site denial-of-service blackmail, along with ever-evolving PCI requirements, retailers are under immense pressure and simply don't have the resources to cope. IBM's new SecureStore framework is the first truly converged security and compliance framework that can help effectively combat today's new generation of converged threats."
SecureStore delivers a comprehensive framework for protecting against online and physical risks that can help retailers reduce losses from theft, prevent brand and financial damage from data breaches and help reduce the cost and complexity of complying with PCI and other regulations. This solution arrives just in time for the holiday season, when retailers are most vulnerable to risk.
"Retail is about high volume of people, products and transactions going through stores and systems," Daniel Marcotte, Director of Systems and Data Security, La Senza. "We have to control access to the data such business model generates and prevent its theft. Our customers' confidence is critical to us. The SecureStore framework provides everything La Senza needs to assess our current security and compliance posture, and take remedial action before the holiday rush begins."
In addition to helping protect retailers from organized retail crimes and in store losses, the SecureStore framework can help retailers provide consumers with more protection from identity theft, stolen credit card information and fraudulent purchases. Recent studies show that most shoppers will take their business elsewhere if they find out their personal information was compromised. With SecureStore, retailers can help allay consumer concerns, while safeguarding themselves against financial losses or harm to their brands.
SecureStore is a framework of products and services divided into four logical categories:
- Management -- IBM Internet Security Systems (ISS) is currently one of only four globally certified PCI assessors in the world. This makes IBM ISS uniquely qualified to provide comprehensive PCI assessments.
- Network -- SecureStore brings together IBM's comprehensive security offerings from its ISS, Rational and Tivoli business units to help protect databases and applications from network-based threats. The network is the vector through which most data breaches occur; however it is critical for retailers to also deploy technology that protects applications and databases.
- Assets -- IBM's next-generation Smart Surveillance and item-level RFID systems lead the SecureStore framework's array of solutions for helping to protect physical assets from both internal and external threats. The SecureStore framework provides solutions to help track, manage and monitor the movement of inventory and the maintenance of fixed assets.
- Transactions -- The SecureStore framework consists of comprehensive security technologies for helping to protect both online and in-store transactions. Additionally, IBM can deliver security rich, service-oriented architecture (SOA)-based electronic transaction solutions for the entire retail supply chain. The SecureStore framework helps drive fraud out of the process by helping to protect the identity of transaction parties and the integrity of transaction themselves.
The SecureStore framework is available immediately and retailers can contact their IBM representatives to begin the assessment process before the holidays.
"Retailers should be in the business of selling products, not stopping security threats. The SecureStore framework enables them to get back to what they do well, and to offload some of their security and compliance challenges to one of the world's foremost provider of business solutions," said Karen Lowe, general manager, Global Retail Sector, IBM. "No other company can provide a solution of this scope to the retail sector. And SecureStore goes beyond today's security and compliance requirements. It helps establish a foundation that enables retailers to exploit new business opportunities without introducing new risk to the enterprise -- whether that involves expansion, acquisition or exploiting new channels such as mobile commerce and kiosk-based sales."
About IBM
For more information about IBM, visit http://www.ibm.com.
Retailers today in every segment are under tremendous pressure to protect margins amid a "perfect storm" of business risk:
* Preventing physical loss, increasingly perpetrated by organized criminal groups;
* Protecting against database breaches and other electronic threats, often perpetrated by those same criminal groups;
* Complying with Payment Card Industry (PCI) regulations for customer data protection.
According to the 2008 National Retail Federation Organized Retail Crime Survey, 85 percent of the retailers surveyed indicated they had been victims of organized retail crime in the last 12 months. This represents as much as $30 billion in retail losses each year, according to the Federal Bureau of Investigation. These same criminal organizations are also attacking retailers online and are largely responsible for the 245 million electronic personal records that have been stolen since January 2005, according to the Attrition.org database of data breaches.
"We are seeing threat convergence in the retail sector. The same organizations perpetrating in-store theft are also attacking retailers online," said Val Rahmani, general manager of IBM Internet Security Systems. "When you combine this trend with threats such as insider theft and Web site denial-of-service blackmail, along with ever-evolving PCI requirements, retailers are under immense pressure and simply don't have the resources to cope. IBM's new SecureStore framework is the first truly converged security and compliance framework that can help effectively combat today's new generation of converged threats."
SecureStore delivers a comprehensive framework for protecting against online and physical risks that can help retailers reduce losses from theft, prevent brand and financial damage from data breaches and help reduce the cost and complexity of complying with PCI and other regulations. This solution arrives just in time for the holiday season, when retailers are most vulnerable to risk.
"Retail is about high volume of people, products and transactions going through stores and systems," Daniel Marcotte, Director of Systems and Data Security, La Senza. "We have to control access to the data such business model generates and prevent its theft. Our customers' confidence is critical to us. The SecureStore framework provides everything La Senza needs to assess our current security and compliance posture, and take remedial action before the holiday rush begins."
In addition to helping protect retailers from organized retail crimes and in store losses, the SecureStore framework can help retailers provide consumers with more protection from identity theft, stolen credit card information and fraudulent purchases. Recent studies show that most shoppers will take their business elsewhere if they find out their personal information was compromised. With SecureStore, retailers can help allay consumer concerns, while safeguarding themselves against financial losses or harm to their brands.
SecureStore is a framework of products and services divided into four logical categories:
- Management -- IBM Internet Security Systems (ISS) is currently one of only four globally certified PCI assessors in the world. This makes IBM ISS uniquely qualified to provide comprehensive PCI assessments.
- Network -- SecureStore brings together IBM's comprehensive security offerings from its ISS, Rational and Tivoli business units to help protect databases and applications from network-based threats. The network is the vector through which most data breaches occur; however it is critical for retailers to also deploy technology that protects applications and databases.
- Assets -- IBM's next-generation Smart Surveillance and item-level RFID systems lead the SecureStore framework's array of solutions for helping to protect physical assets from both internal and external threats. The SecureStore framework provides solutions to help track, manage and monitor the movement of inventory and the maintenance of fixed assets.
- Transactions -- The SecureStore framework consists of comprehensive security technologies for helping to protect both online and in-store transactions. Additionally, IBM can deliver security rich, service-oriented architecture (SOA)-based electronic transaction solutions for the entire retail supply chain. The SecureStore framework helps drive fraud out of the process by helping to protect the identity of transaction parties and the integrity of transaction themselves.
The SecureStore framework is available immediately and retailers can contact their IBM representatives to begin the assessment process before the holidays.
"Retailers should be in the business of selling products, not stopping security threats. The SecureStore framework enables them to get back to what they do well, and to offload some of their security and compliance challenges to one of the world's foremost provider of business solutions," said Karen Lowe, general manager, Global Retail Sector, IBM. "No other company can provide a solution of this scope to the retail sector. And SecureStore goes beyond today's security and compliance requirements. It helps establish a foundation that enables retailers to exploit new business opportunities without introducing new risk to the enterprise -- whether that involves expansion, acquisition or exploiting new channels such as mobile commerce and kiosk-based sales."
About IBM
For more information about IBM, visit http://www.ibm.com.
