*By Mario Gama
Have you ever imagined seeing all the planning drawn up for end-of-year sales come to a standstill due to the unavailability of e-commerce? Unfortunately, this is not an unlikely scenario for companies that do not yet have a sales strategy. safety well defined for your online store. This is because, attacks hackers are on the rise.
To give you an idea, a NetScout report on DDoS threats – which prevent users from accessing the website due to a deliberate overload of requests – indicates that Brazil registered more than 372 thousand DDoS attacks in the first half of 2024, an increase of 4.3% compared to the second half of 2023. This market movement indicates the need for companies to deepen their discussions related to technology and cybersecurity.
AI for good and for bad
Artificial Intelligence (AI) has shown promise in many areas, and malicious individuals have already begun to exploit it. According to the survey “The State of Cybersecurity in LATAM 2024”, around 55% of Brazilian companies suffered from AI-powered cyberattacks in 2023. Among the applications, deepfake stands out, which adulterates content to make it appear realistic, and is widely used to forge registrations and make illicit purchases. In addition, another attack that has been improved with the support of AI is fraudulent emails, which have increasingly presented themselves as safe to victims.
However, at the same time as this inappropriate use exists, professionals specialized in cybersecurity have also employed AI in the automated and intelligent identification of deepfakes themselves and abnormal user behaviors, as well as in the agility in problem-solving and better response time to an attack, which without agile tracking could take days to be resolved.
A Microsoft study even shows that the security team is up to 39% faster in activities such as summarizing an incident, compared to a team without AI resources. This shows a significant gain in speed and performance for a team that definitely needs to act very quickly.
Good practices to ensure good sales
Considering the current scenario in Brazil, there are several types of attacks and scams that can affect an online store. Not only the system, but also employees and customers may be susceptible. This is because the motivations behind fraudulent actions vary, in their most different levels of types and complexities.
In this context, malicious individuals may want to make the website unavailable to inhibit sales, gain some kind of control over the business, obtain customer data, or promote a discount, for example. Therefore, raising awareness among customers, employees and partners becomes essential and urgent.
After all, there is no point in investing in technology to ensure transaction security if people share their access with a third party after being criminally deceived. Therefore, it is essential to clearly indicate which sales channels are official and to warn about possible scams. At the same time, it is necessary to properly map permissions and access, in addition to offering authentication in more than one factor.
Furthermore, the entire technological infrastructure must be very well structured, involving a prior assessment of the estimated load expected during the period of high demand, growth plans and updating of the environment, to prevent it from becoming vulnerable. With regard specifically to security, a complete vulnerability monitoring plan is also required, as well as incident response and penetration testing.
During periods of higher demand, more than just worrying about the sales team, it is necessary to bring together the infrastructure, cybersecurity and fraud prevention teams to execute the previously designed planning, monitoring requests and user behavior in real time, mapping suspicious triggers and what is generating load in the environment, in addition to identifying possible scams and attack attempts.
Last but not least: have a backup and recovery procedures tested and trained by the team. This is the security safeguard that every company needs to have, so that in case of an incident the system can be restored. This is an important point, because most ransomware groups that try to damage the backup also do so.
Investing in IT infrastructure and mature cybersecurity processes is the way forward
Given that opportunities advance at the same speed as scams and attacks, the market has demanded specialization in IT infrastructure and cybersecurity. To this end, specialized companies have proven to be great allies in this journey of digital evolution of virtual stores, leading robust projects to structure the environment, monitor adversities and take agile and assertive action.
In addition to ensuring business maintenance, it is also possible to stimulate its growth, accelerating not only year-end sales, but also stimulating a mature and necessary dialogue about the role of technology and cybersecurity in retail digital.
*Mario Gama is Cybersecurity Practice Leader Latin America & Caribbean at SoftwareOne, a leading global provider of end-to-end solutions for software and cloud technology.
Notice: The opinion presented in this article is the responsibility of its author and not of ABES - Brazilian Association of Software Companies
EN 
PT 
