Cyber Monday Risks Exposed

By SHRM Online staff Nov 25, 2013

The biggest online shopping day of the year is traditionally the Monday after the Thanksgiving holiday (aka Cyber Monday). Employees may be stalking the best buys on the Net this Dec. 2, but beware: It’s also prime hunting ground for cyber thieves.

Companies need to be watchful as employees use their work computers to take advantage of enticing online deals, or to open holiday greetings and videos, because a simple click of the mouse may introduce security risks to a business’s networks.

In fact, 64 percent of organizations see significant increases in cyberattacks on Cyber Monday, and only 23 percent of those attacks can be quickly detected and remedied, according to a study published in October 2013 by RSA and the Ponemon Institute LLC. RSA is a provider of intelligence-driven security solutions; Ponemon conducts studies on critical issues affecting the management and security of sensitive information about people and organizations.

One hour of downtime caused by a cyberattack could mean an average loss of almost $500,000, not counting brand damage and loss of customer loyalty. Unfortunately, precautions are often ignored. Nearly 70 percent of organizations do not take additional steps in anticipation of increased attacks, the survey found.

The findings are based on a survey Ponemon conducted in August 2013 with 1,161 experienced IT practitioners in the United States and the United Kingdom. The majority of respondents have full or partial responsibility for the security of their organization’s websites.

SolarWinds, a provider of IT management software, suggests the following best practices to lessen the security risks from Cyber Monday:

  • Fortify firewalls. Firewalls accumulate an ever-growing list of redundant rules and objects, along with conflicting rules and unused rules. Make sure firewall rules are up-to-date.

    *Perfect patches. Organizations are prime targets if they are not current on their patches or if they don’t have a full account of all the applications that end users have installed. Reduce malware exploitations from cleverly disguised holiday-deal scams by keeping patches up-to-date.
  • Monitor internal traffic. Identify where users are chasing shopping deals by continuously monitoring user workstation activity and behavior. With a proxy server, businesses can block certain sites. Remember, if you allow it, monitor it. If you don’t allow it, make sure it’s blocked.
  • Be on top of bandwidth. An increased spike and concentration of people using the Internet to browse holiday deals online will likely affect network bandwidth. Don’t lose sight of attackers who may strike while you’re focused on keeping your n​etwork up and running. Monitor network bandwidth and traffic, and take appropriate action by pinpointing users who are abusing privileges.


Job Finder

Find an HR Job Near You
Post a Job


Find the Right Vendor for Your HR Needs

SHRM’s HR Vendor Directory contains over 10,000 companies

Search & Connect