Europe - EN
België - NL
Nederland - NL
España - ES
France - FR
(Advertorial) A rise in eCommerce activity presents more opportunities for cybercriminals—but retailers don’t need to fight this battle alone. Thousands of security researchers are using their ethical hacking skills for good. Intigriti explains how.
A guide to reducing risk for retailers
If someone were to find a security issue in your eCommerce site, you’d want to know about it, right? A simple yet proven method to protect against cyber threats is to invite ethical hackers in to test the strength of your defenses and then alert you to your vulnerabilities.
To help bring retailers up to speed on this subject, Intigriti is hosting a free webinar on February 15th about how to stay ahead of unknown cyber threats through hacker-powered security. But first, if you’re new to ethical hacking concepts, read on to better understand the basics of this increasingly popular security testing approach.
How ethical hackers can help retailers
Worldwide, thousands of security researchers are using their ethical hacking skills for good. They’re helping to build a safer digital shopping experience for consumers by researching, identifying, and alerting eCommerce brands to vulnerabilities in their security systems before they’re taken advantage of.
What are ethical hackers?
‘Hacking’ refers to the action of using computer programming or technical skills to break through a cybersecurity barrier. Mainstream media coverage of hacking tends to associate this with something criminal. However, ethical hacking is quite the opposite.
Like malicious hackers, ethical hackers have extensive knowledge of systems, codes, and programming. They’re also driven by a shared overriding goal: to break through a target’s defense systems. However, as the name suggests, an ethical hacker operates within the law and will disclose vulnerabilities to the companies they work with. Ethical hackers are highly skilled individuals who can safely simulate malicious hackers’ behaviors to highlight weak links and blind spots in a company’s attack surface.
Inviting hackers to put your defenses to the test
Today, many online retailers hire ethical hackers to work with them to find cybersecurity vulnerabilities in their digital assets. Not only does this improve the strength of their cybersecurity posture, but it empowers them to stay one step ahead of cybercriminals. Additionally, hiring ethical hackers enable businesses to:
-
Reduce the risk of losses from a cyberattack
-
Show a commitment to continuous security testing
-
Increase their trustworthiness as data protectors
-
Keep up with ever-evolving cyber threats
-
Help limit liability in case of a real cyberattack.
One example of a retailer already applying this method is Dutch shoe retailer, Torfs, which incentivizes ethical hackers to report vulnerabilities to their business through a bug bounty program. Torfs IT Manager, Raf De Lau, emphasizes the importance of their relationship with ethical hacking communities: “Through the bug bounty program, we continued to discover significant security issues. If a malicious hacker had found them, it could have cost us a lot of money and damaged our brand.”
How to work with ethical hacking communities
Ethical hackers dedicate significant amounts of time to discovering and reporting security flaws to businesses. Therefore, creating a stress-free and sensical way for them to disclose security vulnerabilities to you is critical. Not only does it encourage responsible vulnerability disclosure, but it maximizes the success of their contribution.
To get the most out of working with ethical hacking communities, join Intigriti’s free one-hour webinar on February 15th, 2022. In this interactive session, award-winning ethical hacker, Inti De Ceukelaire, showcases real examples of how cybercriminals target online retailers. Plus, he’ll give his top tips for collaborating with security researchers (white hat or ethical hackers) to help maximize the security of your online store all year round.
The webinar is free for everyone, but registration is mandatory — sign up today!
