Are E-commerce Sites Ready for Holiday Cyber Threats?

November 27, 2024

As the holiday shopping season kicks into high gear, e-commerce platforms find themselves under increasing pressure to meet consumer demands while fending off a surge in cyber threats. Billions of dollars are at stake as consumers flock to online retailers during major shopping events like Black Friday and Cyber Monday, driving a spike in activity that cyber attackers eagerly await. CyCognito has released a report detailing the escalating cyber risks these platforms face and the persistent vulnerabilities that expose them to potential breaches. It’s a scenario that retailers cannot afford to overlook, as customer data security becomes a critical aspect of maintaining operational integrity and consumer trust.

CyCognito’s report underscores the critical need for robust security measures, highlighting that over half of e-commerce platforms collect personally identifiable information (PII), making them prime targets for cyber attackers. Among the major concerns are inadequate HTTPS protections and a sharp decline in the adoption of Web Application Firewalls (WAFs), which are essential for safeguarding data. Shockingly, the report found that 3% of web applications lack HTTPS—a fundamental security protocol—and WAF adoption has plummeted by 40%. This lapse leaves a significant number of assets, storing sensitive customer information, exposed and vulnerable to cyber threats. The increase in PII-collecting assets without WAF to 35% reveals a worrying trend that necessitates immediate action from online retailers.

The Growing Importance of HTTPS and WAF Protections

HTTPS and WAF protections are not just technical jargon but essential components in the defense against cyber threats. HTTPS encrypts data transmitted between the user’s browser and the website, ensuring that sensitive information such as credit card details and passwords are not easily intercepted by malicious actors. Despite its importance, the presence of websites lacking HTTPS is a glaring security gap. Equally concerning is the decline in the adoption of Web Application Firewalls, which serve as a crucial line of defense by filtering and monitoring HTTP traffic between a web application and the internet. These firewalls are designed to block potentially harmful traffic, making their absence a troubling aspect for modern e-commerce platforms.

The CyCognito report also draws attention to certificate validity issues, which plague approximately 6% of sites. Invalid or expired certificates can undermine consumer confidence, leading to transaction abandonment and lost revenue. When customers encounter warnings about certificate issues, they are less likely to proceed with their purchases, which directly affects a retailer’s bottom line. The erosion of trust resulting from these lapses can have lasting repercussions, as consumers may seek out more secure alternatives. Given the competitive landscape of online retail, no platform can afford to lose its customers’ trust, especially during the critical holiday shopping period.

Urgent Need for Enhanced Security Measures

As the holiday shopping rush begins, e-commerce platforms face mounting pressure to meet consumer demands and fend off a wave of cyber threats. Billions of dollars are at stake as shoppers flock to online retailers for events like Black Friday and Cyber Monday, resulting in a surge in activity that attracts cyber attackers. CyCognito has released a report detailing rising cyber risks and ongoing vulnerabilities these platforms face. Retailers can’t afford to ignore this scenario as customer data security is crucial for maintaining operational integrity and customer trust.

The CyCognito report highlights the urgent need for strong security measures, noting that over half of e-commerce platforms collect personally identifiable information (PII), making them prime targets for cyber attackers. Major concerns include inadequate HTTPS protections and a significant drop in Web Application Firewalls (WAFs) usage, essential for data protection. Surprisingly, the report reveals that 3% of web applications lack HTTPS—a basic security protocol—and WAF adoption has decreased by 40%. This leaves many assets storing sensitive customer information exposed. The increase to 35% in PII-collecting assets without WAF underscores a troubling trend demanding immediate action from online retailers.

Subscribe to our weekly news digest.

Join now and become a part of our fast-growing community.

Invalid Email Address
Thanks for Subscribing!
We'll be sending you our best soon!
Something went wrong, please try again later