Thanks to the surge in point-of-sale (PoS) malware leading to major data breaches, ABI Research expects more enterprises to migrate from traditional to next-generation firewalls (NGFWs) in the coming years.
The firm expects the total number of PoS-related security incidents with confirmed data exposure to hit 600 by the end of 2015.
“Notable brands like Target, Neiman Marcus, PF Chang’s, Staples, Michaels Stores and Home Depot have all have become victims of PoS security breaches targeting consumer payment card data. In the majority of cases, PoS attacks take place due to malware infections,” the firm explained in its report. “During the past few years there has been a considerable rise in malware families including POSCardStealer, Dexter, Alina, vSkimmer, ProjectHook, BlackPOS and others, many of which can be easily purchased online.”
One of the key technologies that can be deployed to protect PoS is network segmentation, which can be achieved by deploying an NGFW. In the case of the Target breach, network sequestration would have prevented the larger systems compromise. Once unauthorized access is gained, network segmentation can provide effective controls to mitigate the next step of a network intrusion and limit further movement across the network.
“The key advantage that NGFW provides for network segmentation is application servers and data can be designated in different segments based on their risk factors and security classifications, with access to them tightly controlled,” said Monolina Sen, ABI Research’s senior analyst for digital security.
The most sophisticated attacks are highly targeted, deploying hard-to-detect, customized malware, and requiring substantial lateral movement within a compromised network for effective detection. Smaller businesses that do not have dedicated information security resources to help secure their retail environments are at increased risk, Sen added.