GM Sectec: Cyber threats vectors & Ecommerce into 2023

A Visa study found almost 75% of fraud and data theft involves e-commerce companies. Adherence to and compliance with cybersecurity standards such as PCI DSS, a critical path for the protection of sensitive data for businesses and accelerating adoption and trust in the digital economy.

SAN JUAN, Puerto Rico, Nov. 21, 2022 /PRNewswire/ — Kicking off with Amazon's Prime Day in October, to the holiday season, to the milestones of Black Friday and CyberMonday, the last 100 days of the year are the biggest retail sales season in the world.

In the United States alone, Adobe Analytics predicted that online holiday sales will reach $209.7 billion through December 31st, 2022, representing 2.5% year-over-year growth.

According to Bloomberg, the United States will lead Christmas sales in the continent with 59% of transactions, followed by countries such as Brazil (13%), Mexico (6%) and Peru (1.6%).

E-commerce has come to reign among consumer preferences, convenience, choice and with that same token becoming the launchpad of attacks and fraud by cybercriminals.  According to the Visa Biannual Threats Report study, up to the first half of 2022, almost 75% of the fraud and data breach cases investigated by Visa teams worldwide involved e-commerce companies.

"Targeting e-commerce platforms and third-party code integrations are among the most common tactics used by threat actors conducting digital theft attacks,", Visa's report notes. "These e-commerce attack tactics, techniques and procedures confirm that threat actors target supply chains and third-party service providers with a high frequency and show continued interest in payment account data and personally identifiable information (PII)."

Ensure the protection of your electronic payment transactions

Cyberattacks are becoming increasingly sophisticated and, as statistics show, payment transactions in e-commerce environments is already a key focus for cybercrime targets.

"There is no silver bullet when it comes to fraud. You can implement the best systems in the world, but they still rely on human beings who have exploitable blind spots. That's why educating your consumers and employees is imperative to stopping fraud. Making sure every link in your supply chain institutes a zero-trust architecture helps combat fraud before it starts, but it only takes one text message, LinkedIn message or email for a fraudster to gain access to your systems. Making sure everyone knows the signs is the best way to stop fraud," says Michael Jabbara, Global Head of Fraud Services at Visa.

The Payment Card Industry Data Security Standards (PCI DSS) is a standard governed by the principal card brands (Visa, Mastercard, American Express, Discovery and JCB) and add value in protecting cardholder data. In this regard, all merchants that process, store or transmit credit


Regarding the state of adoption of standards for the protection of data in electronic transactions, the 2022 Verizon Payment Security Report (2022 PSR) confirms a significant improvement in PCI DSS compliance since 2020, with 43.4% of organizations aligned with the regulations versus the 27.9% reported in 2019. However, this diagnostic revealed that more than half (56.7 %) of organizations failed interim validation assessments due to omissions of one or more security controls.

Further strengthening the payment security landscape on the table for CISOs and other organizational security professionals, the PCI SSC standard recently instituted one of the most significant updates to the DSS since its launch in 2004: PCI DSS v4.0 will go into effect in 2024.

"Security leaders must focus their attention and resources to catch up with these new requirements. The threat of credit card fraud and information theft in the global retail sector has never been more prevalent. PCI compliance, governance and risk management practices are imperative for all organizations that interact with cardholder data", said Héctor Guillermo Martínez, President GM Sectec.

GM Sectec, the global leader in cybersecurity, and Visa, global leader in digital payments, have strengthened their partnership to facilitate fraud prevention, cyber defense and cybersecurity best practices in the Latin America and Caribbean region. To this end, GM Sectec in partnership with Cybersource, a Visa solution, will now offer payment and risk management services supported by GM Sectec's cybersecurity expertise.

"One of the biggest concerns for businesses and organizations of all types, sizes and industries is how to protect the personal data and sensitive information of hundreds of thousands of users, customers and consumers who rely on them to conduct their daily transactions through various channels and platforms, many of them digital. The strengthening of our partnership with Visa, will allow organizations of all types across the payment system to engage cyber defense best practices with the support of a trusted cyber defense leader," said Hector Guillermo Martinez, president of GM Sectec.

"Cision" View original content to download multimedia:–ecommerce-into-2023-301684385.html

SOURCE GM Security Technologies