FMI AP & Grocery Resilience Conference March 19-23, 2023 Retail Secure Conference March 21, 2023 ISC West 2023 March 28-31, 2023 RLPSA Conference April 2-5, 2023 2023 ISCPO Conference April 11-13, 2023 RILA AP Conference April 30-May 3 NRF PROTECT 2023 June 5-7 GSX 2023 September 11-13 APEX Conference September 13-15 LPRC IMPACT October 2-4, 2023 See More Events

Check out the Daily's Exclusive Reports D&D Daily Q1 2022 ORC Report D&D Daily's Q1 2022 Retail Violent Fatalities Report D&D Daily's Q4 & 2021 Robbery Report The D&D Daily's Q4 & 2021 ORC Report The D&D Daily's Q4 & 2021 Retail Violent Fatalities Report See more reports

2022 National Retail Security Survey 2021 NRSS Survey 2020 NRSS Survey 2019 NRSS Survey 2018 NRSS Survey 2017 NRSS Survey 2016 NRSS Survey 2015 NRSS Survey NRF's 2021 Top 100 Retailers

---

Send love to lawmakers fighting retail crime

New legislation to fight retail crime

With Crime Rising Even More NYC's Progressive Caucus is "Falling Apart"

Even (some) NYC Council progressives get the madness of ‘Defund the police’

The City Council’s progressive circus — er, caucus — has fallen apart. Last week, nearly half the members who had proudly called themselves progressives deserted. They now see the progs’ “Defund the police” stance as a political albatross, and they’re right.

Until last week’s exodus, the progressive caucus held two-thirds of the City Council — 34 out of 51 members. Almost everybody wanted to be progressive, or pretend to be, because they feared the left. Close Rikers, stop prosecuting drug sales and shoplifting, forbid landlords from considering whether a potential tenant has a recent violent criminal record — all good. 

But the caucus went a step too far. Chairs Shahana Hanif and Lincoln Restler of Brooklyn wanted members to sign a new loyalty pledge, including this statement: “We will do everything we can to reduce the size and scope of the NYPD and the Department of Correction.” 

What does this even mean? Taken literally, it would involve the council just zeroing out the police and corrections budgets — immediately.  Something more than a dozen moderates and liberals couldn’t abide.

Suddenly, the people who make up a big chunk of voters in these districts have stopped being virtuously liberal. They’ve started saying to themselves: You know what, I’m not a bad person for wanting to stop mass shoplifting so that we can keep at least one drugstore open around here. 

A Quinnipiac poll this month found that 53% of Manhattan voters consider crime to a “very serious” problem, up from 21% in 2017.  

Through Feb. 5, felony crime in core Manhattan is up 11.6% from last year and 27.5% over the pre-pandemic 2019 number. Citywide, New York has lost 15 years of progress, with felonies back to 2006 levels. Don’t even ask about misdemeanors.  nypost.com

 

NYC saw record levels of felony crimes last year, most in over 15 years

More than 170,000 felony crimes were reported in the Big Apple last year — the most since 2006, when the NYPD first started making such statistics publicly available.

The data, released last week, shows a record 172,852 felonies reported in 2022. That’s up 20.4% from 2021, when 143,522 complaints were recorded.

It was even higher than 2006, the earliest year publicly available, which had 171,318 felony complaints recorded, the data shows.

Major crime continued to spike into the new year, with a 4.1% increase in complaints of the seven major felonies in January compared to the same time last year, according to NYPD statistics released earlier this month.

Criminals appear to be “more emboldened than ever,” Jack said, adding, “I feel like the police don’t have enough support to do their job properly.”  nypost.com

United States Secret Service NATIONAL THREAT ASSESSMENT CENTER

MASS ATTACKS IN PUBLIC SPACES: 2016 - 2020, January 2023
138 People Killed & 299 Injured as of Feb 10

Study Identifies Common Behaviors of Concern Among Mass Attackers

Updated: There have been 63 mass shootings, 96 killed and 299 injured, and 6 mass murders, 42 killed, in the United States so far this year. These attacks left 138 people dead and 299 injured, according to data from the Gun Violence Archive through Feb. 10, 2023.

The gun archive defines a mass shooting as an incident in which four or more people were injured or killed. Mass murder as FOUR or more killed in a single event [incident], at the same general time and location not including the shooter.

Researchers and government officials are continuing to track these incidents and look for trends to help communities mitigate risks and respond to potential threats.

Finding Commonalities in Mass Attacks

While no two mass attacks are the same, half of these incidents in the United States from 2016 to 2020 were sparked by personal, domestic, or workplace disputes or grievances, according to a U.S. Secret Service National Threat Assessment Center report.

The report, Mass Attacks in Public Spaces: 2016-2020, analyzed 173 targeted attacks in public or semi-public locations, such as schools, houses of worship, and businesses, and the attack types included shootings, vehicle ramming attacks, and other methods of mass violence. These attacks resulted in physical harm to 1,747 people—including 513 who were killed.

Attackers’ grievances were most often related to a personal factor (27 percent), such as bullying, stress related to health or finances, ongoing feuds with neighbors, or feelings of victimization. In 17 percent of cases, grievances were related to current or former domestic relationships; in 10 percent of cases, grievances were workplace-related. Other motivations included ideological, bias-related, or political beliefs (18 percent); psychotic symptoms (14 percent), a desire to kill (7 percent), and fame or notoriety (6 percent).

The report found that the majority of attacks (69 percent) occurred in public locations that are freely accessible, 34 percent occurred in semi-public spaces such as workplaces or educational institutions. The most common locations for mass attacks were businesses (51 percent, or 88 attacks), followed by open spaces (35 percent) like outdoor events, streets, sidewalks, and parking lots. Thirteen attacks took place at educational institutions.

In 53 percent of the attacks, the attacker had no known affiliation with the location—some appeared to open fire randomly while others selected target locations for what they represented or offered. In the remaining cases, though, the attacker was affiliated with the site—13 percent were current or former employees, and 9 percent were customers or clients.

“In some cases, attackers were affiliated with a site indirectly through another person, for example, by selecting a family member’s restaurant or the workplace of a former romantic partner,” the report said.

Based on this study examining mass attacks in public spaces from 2016 to 2020, and building on NTAC’s extensive history of studying all forms of targeted violence, the following operational implications are presented in support of developing policies and protocols for behavioral threat assessment programs.   asisonline.com

Read the whole report here:  NATIONAL THREAT ASSESSMENT CENTER - U.S. Secret Service  - U.S. Department of Homeland Security  January 2023

 

Fraud Prevention Tops CFO Digital Innovation Wish List

Going back nearly three years to the pandemic’s March 2020 start, most businesses across sectors tell PYMNTS that they’ve since been prioritizing investments in digital fraud prevention and risk management solutions.

That’s according to data from PYMNTS’ February 2023 playbook, “Digital Payments Technology: Investing in Payments Systems for the Digital Economy,” which also found that working capital and credit solutions were the second most common organizational tech investment.

The pandemic's effect on digitization investments
Share of companies citing reasons for investing in technologies in select areas since March 2020.

Fraud prevention/risk management tops List in all sectors
All sectors - Fraud prevention/risk management tops list - 55.8%
Retail Trade - Fraud prevention/risk management tops list - 65.8%

Businesses have transitioned through several stages of technology spending over the past three years.

For much of the early pandemic, spending aimed to give companies a buffer in riding out the COVID-19 disruptions as well as insulate them from the next-generation digital threats brought by the lockdown-era’s hyper-rapid acceleration of online commerce.  pymnts.com

 

New Compliance Rule & Audit Point

Loopholes will close for executives selling company stock

For the last two decades, officers and directors at U.S. public companies seeking to trade illicitly on inside information had an almost infallible get-out-of-jail-free card.

All they had to do was use prearranged trading plans when they bought and sold their companies’ shares. The odds the government would target them for enforcement actions were slim. It was an unintended consequence of a regulation adopted in 2000 called Rule 10b5-1 that academic research shows was abused by some executives.

That regime is about to change. A new Securities and Exchange Commission rule promises to remove many of the loopholes that allowed corporate insiders to hide behind these trading plans. For most U.S.-listed companies, new disclosure requirements will kick in April 1.

Among the highlights: Officers and directors will have to wait at least 90 days after starting or modifying a 10b5-1 plan before they can trade under the arrangement. The forms used to report their trades will include mandatory checkbox disclosures showing whether they were using such a plan, as well as the plan’s adoption date. The companies, too, will have to disclose the substance of 10b5-1 plans in their quarterly and annual reports. 

Some insiders were selling shares less than a month after adopting their plans, sometimes even the same day, or adopting and initiating trading plans right before earnings announcements. wsj.com

 

Seems Timely Given the New Rules Targeting Insider Trading Mentioned Above

US Department of Labor announces publication of interim final rule for handling criminal antitrust anti-retaliation complaints

WASHINGTON - The U.S. Department of Labor’s Occupational Safety and Health Administration recently published an interim final rule establishing procedures and timeframes for handling employee retaliation complaints under the Criminal Antitrust Anti-Retaliation Act, enacted Dec. 23, 2020.

The departments of Labor and Justice will collaborate to enforce CAARA to ensure protection of whistleblowers from retaliation for reporting potential criminal antitrust violations or engaging in other protected activities.

For additional details about the statute along with instructions on how to file a complaint with OSHA under the CAARA, read the fact sheet on Whistleblower Protection for Reporting Criminal Antitrust Violations.

For more information on whistleblower protections, visit OSHA's Whistleblower Protection Programs webpage. govdelivery.com

OSHA Increases Maximum Penalties and Announces Significant New Enforcement Policies

The Occupational Safety and Health Administration (OSHA) increased the maximum penalty amount for serious and other-than-serious violations to $15,625 per violation effective January 15, 2023. Only eleven days later, OSHA announced two new initiatives that could greatly increase the scope and impact of the agency’s enforcement tools against employers. 

First, OSHA announced that Regional Administrators and Area Office Directors can consider citing certain types of violations as Instance-by-Instance (IBI) citations for cases where the agency identifies “high-gravity” serious violations of OSHA standards.

OSHA’s application of IBI to “high gravity” serious violations is a significant departure from current OSHA policy, which only considers applying IBI citations in “egregious willful” cases.

Second, OSHA will attempt to cite more violations separately rather than “grouping” them, which would result in higher penalty amounts and more total violations for employers.  jdsupra.com

 

Strong News for Retail

Mastercard: In-store spending tops online in January; total sales up 8.8%

U.S. retail sales (excluding automotive) rose 8.8% year-over-year in January, according to Mastercard SpendingPulse, which reports on national retail sales across all payment types.

In-store sales were up 8.9% year-over-year and e-commerce sales increased 8.4%.

Consumer spending remains resilient in the first few weeks of 2023,” said Steve Sadove, Mastercard senior advisor and Former CEO of Saks. “Mastercard SpendingPulse insights show that the overall retail story remains largely positive with January posting a solid month of growth across the country.”  chainstoreage.com

Office occupancy reaches 50% in most major cities for the 1st time since pandemic

Walmart Shuts Curbside-Only Pickup Locations Just as Grocers Ramp Them Up

Off-Price Retailer Tuesday Morning Files 2nd Bankruptcy in 2 Years

Canadian Retailer - Showcase Opens 31 Stores in 13 States

 

 

---

Senior LP & AP Jobs Market

Corporate Risk Manager
*This position can be based out of Seattle, WA, Tacoma, WA or Portland, OR*

Summary of Role and Responsibilities:

• Proactive approach to preventing losses/injuries whether they are to our employees, third parties or customers valuables. They include cash in transit, auto losses or injuries.
• Report all incidents, claims and losses which may expose the company to financial losses whether they are covered by insurance or not.
• Ensures the execution of established risk or operational policies and procedures associated with risk mitigation.
• Supports field operations with risk training and development of the leadership team.

dayforcehcm.com
 

---

Prosegur Security’s Loss Prevention Sustainability Program Reduces Retail Waste by 230 Tons in Two Years DEERFIELD BEACH, Fla. (February 14, 2023) – Prosegur Security, a global leader in security technology, has reported successfully preventing 230 tons of loss prevention equipment from ending up in landfills through its refurbishment program of EAS equipment. At the same time, the company has helped retailers save between 48% and 74% on their procurement of EAS equipment through the fast-growing program which doubled in volume in the last year. “Reducing waste on the one hand and reducing costs on the other are twin objectives that loss prevention teams are increasingly being tasked with,” said Tony D’Onofrio, CEO of Prosegur’s global retail business unit. “Over the past two years Prosegur has increased its efforts to help retailers meet these objectives by refurbishing and putting back into use over 230 tons of electronic article surveillance equipment that was destined for landfills. In this way, we have helped our retail partners strengthen their sustainability programs while also helping them reduce costs on equipment they need for everyday operations.” According to D’Onofrio, Prosegur now has the largest and most widely used loss prevention equipment buy-back and refurbishment program in the U.S. in which some of the nation’s largest retailers participate. “In addition to helping the environment, through this program Prosegur has also created a catalog of the largest selection of EAS solutions from different manufacturers available anywhere, including harder to find legacy equipment,” said Gus Kratzer, vice president of Prosegur Certified Pre-Owned division. “All equipment our Certified Pre-Owned program receives is inspected, cleaned, tested and refurbished to be in nearly as-new condition, and then it is offered to our retail partners at savings of up to 74% compared to new all the while carrying full Prosegur warranty for an added peace of mind. For this year our goal is to have even more retailers work with Prosegur to repurpose even more equipment and reduce waste, but also to help them capture the savings.” More information about Prosegur’s Certified Pre-Owned program can be obtained at the company’s website.

Research suggests that when companies have turnover at the top, they are more vulnerable to cyberattacks

A change in leadership in an organization is often a time of uncertainty, confusion and insecurity.

It’s also the perfect time for cybercriminals to strike.

Why does a change in leadership make a company more vulnerable? Chalk it up to three main reasons: increased uncertainty, unsettled workplace practices and a desire to please the new boss (and sometimes the old one).  wsj.com

 

Economic volatility to exacerbate cyber risk in 2023

• A broad expectation for economic headwinds and continued market volatility exacerbates risks across the cybersecurity sector, the Bipartisan Policy Center said in a report released Sunday.
• Difficult decisions about personnel and budgets can create or increase cybersecurity risks by reducing spending or deferring costly but important updates to operating environments and corresponding controls, the Washington-based think tank said in the report.
• Lagging corporate governance, vulnerable infrastructure and a lack of investment and preparedness are among the top macro risks most likely to impact organizations this year.  cybersecuritydive.com

 

How Companies Can Minimize the Cybersecurity Risk From Their Tech Vendors

Hackers can access a company’s data by exploiting loopholes in a vendor’s system

Here are five ways that cybersecurity experts say companies can guard against cyberattacks originating from vendors.

1. Set up a rigorous review process when hiring vendors 

Because vendor cybersecurity approaches are largely out of client control, vetting vendors to ensure they have processes to guard against threats is crucial.

Vendor reviews and questionnaires offer insights into vendors’ threat-mitigation efforts, she says. For technology vendors, she recommends looking at whether the vendor uses a so-called ethical hacking program to ensure systems are continually being tested for vulnerabilities. 

2. Spell out expectations in vendor agreements, including how data will be shared 

Companies and vendors should come to an agreement on how company and vendor systems will work together, including how information will be accessed and shared between the two parties.

3. Hire internal assessors to regularly brief directors on vendor cybersecurity programs and vulnerabilities 

These assessors can onboard vendors, and then continuously monitor vendors for security protocols and problems, says Ms. Hanson.  

4. Carefully guard access to company data from the vendors 

Vendors should access company systems on a least-privilege model, in which contractors are able to access systems critical for their work and nothing more, says Ms. Hanson. Two-factor authentication is a given.

5. Empower the chief information security officer and bring security expertise to boards  

A key impediment to putting in place a vendor-security program can be company politics. In many firms, cybersecurity is the responsibility of the chief information security officer, but that person often has limited influence on executive teams.  wsj.com

 

Plan now to avoid a communications failure after a cyberattack

CISOs should take the lead to develop a post-cyberattack communications plan that accurately informs stakeholders and instills confidence in their organizations' response.

Responses to recent cyber breaches suggest organizations can struggle to get the message right in the midst of an incident. While managing the communications around an incident is outside the direct purview of the CISO, having an existing communications plan in place is an essential element of cyber preparedness.

“Communications are a critical component of a good cyber strategy, and it should be prepared and practiced in organizations before an incident occurs,” says Eden Winokur, head of cyber at Hall & Wilcox, which helps companies with cyber incident management among other things.

Cyber preparedness should include a communication plan

Winokur’s advice is to err on the side of transparency, while ensuring accuracy when it comes to responding to a cyber incident. “Cyber is not just an IT risk. It really is an enterprise risk, and a key part of cyber preparedness includes a communication strategy within the organization and with external stakeholders.”

While there’s little official guidance provided by associations or government on developing a communication plan, the communications team in conjunction with senior leadership, legal and the CISO’s team should have input into developing the response. It needs to consider duty of disclosure requirements for privacy regulations, listed companies and law enforcement bodies.  csoonline.com

Microsoft OneNote Abuse for Malware Delivery Surges

Threat actors are increasingly abusing Microsoft OneNote documents to deliver malware in both targeted and spray-and-pray campaigns.

Organizations worldwide have been warned of an increase in the number of attacks abusing Microsoft OneNote documents for malware delivery.

Part of the Office suite, OneNote is typically used within organizations for note taking and task management, among other operations.

What makes OneNote documents an attractive target for threat actors includes the fact that they do not benefit from the Mark-of-the-Web (MOTW) protection, along with the fact that files can be attached to OneNote notebooks and then executed with minimal warnings.  securityweek.com

Walmart is closing tech hubs and bringing IT workers back to the office

Walmart shuts the door on e-commerce-only stores

• Walmart plans this week to shut down a pair of stores in Bentonville, Arkansas, and Lincolnwood, Illinois, that offer only pickup and delivery service, marking the end of a nearly decade-long experiment by the retailer aimed at improving convenience for e-commerce customers, according to a company spokesperson.
• The retailer has also decided to close several conventional locations in Illinois, New Mexico, Florida and Wisconsin, all of which will cease operations by March 10, the spokesperson said.
• Walmart is opting to stop operating stores focused solely on fulfilling online orders even as other businesses are investing in the concept.  retaildive.com

Peachtree City Police find thousands in stolen merchandise, 3 arrested.

Peachtree, GA: Police have arrested three people who they say targeted Bath & Body Works stores for snatch and run shoplifting. Peachtree City Police say the Avenue Shopping Center has been hit several times by smash-and-grab robbers. Stores such as Victoria's Secret, Lululemon, and now Bath and Body Works. Police in Peachtree City credit a shopper with giving the information they needed for an officer to pull over a Camaro involved in a big snatch-and-run robbery of a Bath and Body Works store. Police shared body cam video of the arrest. Police say inside the car they found more than $2,000 in scented candles and plug in air fresheners. Investigators say the three are responsible for loading up shopping bags and simply walking out with them without paying. Police say they also found stolen merchandise from another metro Atlanta Bath and Body Works. They believe the three people arrested had targeted that store for this kind of crime. fox5atlanta.com

Burglars hit Best Buy, Home Depot stores.

Kitsap County, WA: Kitsap County detectives are investigating two overnight burglaries that happened early Monday. The first one happened at the Silverdale Best Buy store around 12:30 a.m. The second burglary happened hours later at the Poulsbo Home Depot around 3:30 a.m. The two burglars were recorded by surveillance cameras, but their faces cannot be seen. One is wearing a white protective suit, similar to what was worn in some Mason County burglaries, the sheriff’s office said. Kevin McCarty with the Kitsap County Sheriff’s Office says it appears these two suspects are prolific offenders. “They used a cutting tool to get into the Home Depot and you can see the sparks flying in the picture,” said McCarty. “It’s obvious that they’re working pretty hard, it’s fairly sophisticated to get into these businesses in the middle of the night.” Deputies said the same burglars may have also broken into a Silverdale Home Deport earlier this month. The suspects appear to be using a 2020 to 2022 Ford Ranger that is seen in surveillance photos. “What links them all together is there is the same method of operation for each break-in,” said McCarty. “Two suspects, one of them dressed in a Tyvek, protective suit, will come to a business in the early morning hours.” kiro7.com

Cleveland Police seeking 2 Suspects attempting to load $12,000 on a gift card.

Cleveland, OH: Police say on Thursday, February 9th, two men gained access to a Walmart cash register and attempted to load $12,000 onto gift cards but were only successful in loading one $400 gift card. The two men drove a rental Honda CRV with Pennsylvania plates. wtam.iheart.com

3 Thieves steal cigarettes during smash and grab

Chicago, IL: 3 Thieves steal cigarettes during smash and grab at North Side gas station, Thieves smashed the door to get inside a gas station convenience store on the city's North Side Thursday morning. It happened in the 5600 block of North Lincoln Avenue around 3:35 a.m. Three people ran inside and grabbed cigarettes but ran out quickly because an alarm went off. Police were on the scene just seconds after the thieves took off. The owner of the Marathon gas station told our non-stop news crew he never leaves cash in the register. cbsnews.com

Shoplifter with two prior theft convictions arrested at Walmart

Ocala, FL: Shoplifter with two prior theft convictions arrested at Walmart. 43-year-old woman was arrested at a Walmart in Ocala after she was accused of making a fraudulent return and stealing over $140 worth of merchandise. Jackson was arrested and is facing a felony charge for second degree petit theft (third or subsequent offense) and a misdemeanor charge for trespassing. ocala-news.com

Paducah, KY: Police seeking 2 Suspects in multiple theft totaling over $5000.

---

---

---