According to Outpost 24’s Web Application Security for Retail & E-commerce Report, US retailers are more vulnerable to web application attacks than retailers based in the EU. Outpost 24, a cybersecurity firm, calculated that web apps used by American retailers have a larger aggregated average risk score of 35, compared to their EU counterparts smaller risk scores of 31. US retailers were also found to have a wider attack surface, running more publicly exposed web apps (3357) compared to those in the EU (2799). However, the EU retailers were found to have a higher proportion of applications using old components continuing vulnerabilities (27%) compared to US retailers (22%).
Overall, Outpost 24 found that the largest single attack vector for both US and EU retailers was security mechanisms, with respective risk exposure scores of 99 and 90.5. Outpost also found that the use of HTTP websites and unrestricted access to unsecured areas of the site without encryption would contribute to a high attack surface score. This data is incredibly important for retailers in the upcoming months with the dawn of Christmas shopping season upon us, as well as the upcoming Black Friday and Cyber Monday sales soon approaching.