A cyber crime occurs every 18 seconds, but few companies are developing proactive plans to deal with a security event before it happens. Involving executives, including a company's board of directors, is imperative for retailers to mitigate the damage from a breach.

It's been a year since Target's data breach and retailers are still vulnerable even as the busiest shopping season kicks into high gear, warn security experts, largely due to a lack of focus on asset management.

A majority of U.S. shoppers, 60 percent, said they would be comfortable giving out personal information, anonymously, to their favorite stores in exchange for benefits and rewards. Another 56 percent would give out the same information to a product brand and 46 percent to a product app, according to a recent survey from Wearables.com and The Center for Generational Kinetics.

Bring-your-own-device has caught on, and for many it's a positive development. Security is a big issue for companies that follow the trend, though, and one way to ensure it is by having remote-wiping capability to invoke under certain sets of circumstances. The trouble is, many of the gadgets in use don't segregate business and personal data. That means when a phone or tablet is wiped, everything goes.