If these yearly rituals have not already taught the e-commerce industry anything, remember, proactive exposure management is vital for risk mitigation.

This Black Friday and Cyber Monday, retailers and their customers face heightened cyber risks, with threat actors poised to exploit vulnerabilities amid the rush.

The holiday season is known for increased cyberattacks, where bad actors capitalize on the chaos of increased traffic and last-minute system updates to breach organizational defenses.

According to one cybersecurity firm’s latest cyber advisory, cybercriminals are set to exploit the usual common weak points this year, such as:

• Misconfigurations
• insecure identities
• unpatched vulnerabilities in web applications and server infrastructures

These are especially critical for e-commerce sites that either use off-the-shelf content management systems or custom web applications, which require thorough vulnerability scanning and audits before the holiday spike in traffic.

• Adopt a solution that provides full visibility into vulnerabilities and exposures
• Prioritize and mitigate vulnerabilities based on their potential impact
• Identify misconfigurations and insecure identities that could enable attacks to escalate quickly
• Ensure vulnerability scanning and security audits are performed on both custom web applications and off-the-shelf content management systems before the holiday traffic surge
• Maintain visibility across IT assets, operational technology (OT), cloud infrastructure, and identity to understand exposures putting the organization at risk
• Move beyond reactive scanning to proactive risk assessment and remediation
• Recognize that breaches during the holidays can have long-lasting impacts on both organizations and customers.

Taking early steps to reduce risks will help keep attackers “out in the cold” during the busiest shopping season, Caveza reiterated.