In association with Retail & Hospitality ISAC, The Media Trust produced a joint benchmarking study on third-party risks to consumer-facing websites
Washington, DC—December 18, 2019—The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) and The Media Trust are pleased to announce that they have entered into a partnership to benchmark and improve eCommerce security and efficiency. The collaboration combines the RH-ISAC vision to transform the way companies mature capabilities and collaborate to reduce the risk of cybercrime and The Media Trust’s expertise in digital security to raise awareness of unknown third-party vendors operating in digital environments.
With websites and mobile apps playing such a crucial role in reaching and serving retail and hospitality markets, companies recognize the urgency to ensure that those assets deliver the right user experience, are secure, and stay compliant with a growing number of data privacy regulations. The collaboration between RH-ISAC and The Media Trust will produce insights that underscore the heavy, yet little-known, impact that both known and unknown digital third parties have on a business’ digital assets. This collaboration comes at a time when companies from all industries are falling victim to data breaches and abuses linked to their digital supply chain.
“Our collaboration with The Media Trust demonstrates RH-ISAC’s commitment to provide retail and hospitality companies with the information and intelligence they need to address today’s mounting threats to digital security,” said Suzie Squier, president of RH-ISAC. “The reports we produce together will give our members new insights into how they can better secure their digital assets and to improve their customer journey.”
“Communities like RH-ISAC play a crucial role in developing and disseminating best practices to help their members secure their websites and apps from the ever-evolving practices of threat actors,” said Darcy Dinga, head of enterprise solutions at The Media Trust. “Getting hacked or delivering a poor user experience isn’t inevitable if you work exclusively with digital vendors you know and trust on continually improving efficiency or rooting out activities that either don’t contribute to your revenues or degrade the online journey in any way.”
The first benchmark report highlights findings evaluating 23 eCommerce sites belonging across retail, restaurant/QSR, and hotel/gaming casino segments. The report serves as a tool for enterprises to measure their ability to manage third-party risk in their digital environments. It also provides steps for addressing digital risks including:
- Identifying and blocking domains that pose immediate security risks based on client-side scans;
- Reviewing payment processing and user profile pages for the third-party domains, code, and tracking systems that could pose a security threat;
- Working proactively with digital vendors to communicate policies and procedures and verify compliance; and
- Prioritizing other changes to the digital environment based on the organization’s objectives and resources.
These steps work to improve efficiency and reduce third-party risks in the key areas of:
- Latency
- New domains executed on a website monthly
- Domains executed on payment pages that are not associated with payment processing
- Cookies with a lifespan greater than 12 months
- JavaScript that is brought by third-party vendors and that is not under the website operator’s control
In 2020, The Media Trust and RH-ISAC will produce reports that will continue to highlight the importance of vigilant reviews of digital assets.
About RH-ISAC
The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) is the trusted community for sharing sector-specific cybersecurity information and intelligence. The RH-ISAC connects information security teams at the strategic, operational and tactical levels to work together on issues and challenges, to share practices and insights, and to benchmark among each other – all with the goal of building better security for the retail and hospitality industries through collaboration. RH-ISAC serves all retail and hospitality companies, including retailers, restaurants, hotels, gaming casinos, food retailers, consumer products and more. For more information, visit www.rhisac.org.
About The Media Trust
The Media Trust is fixing the internet by creating better digital ecosystems to govern assets, connect partners and enable digital risk management. Established in 2005, The Media Trust leverages a physical presence in more than 100 countries and 550 cities to detect and remediate security, privacy, ad quality and performance violations executing on websites and mobile apps. More than 600 media publishers, ad tech providers, agencies, retailers and enterprises—including 40 of comScore’s AdFocus Top 50 websites—rely on The Media Trust to protect their digital environment, their revenue and, most importantly, their brand. Learn more at www.mediatrust.com.