By Raj Raguneethan, Asia Lead, Retail and Consumer Industries, Microsoft.
Retailers are facing challenges coming from a myriad of directions. Disruptive shifts like the explosion of online and mobile shopping have thrust retailers, now competing in a global omnichannel marketplace, into a fierce battle for the ever-fragmenting wallet share—and mindshare—of consumers.
Evolving customer behavior and preferences are primary catalysts for change. For the new instant-gratification consumer, smartphones increasingly serve as the indispensable portal to their personal, social, workplace, and shopping lives, used to pay bills, book a hotel, share vacation photos on social networks, or buy a coffeemaker.
As a result, the retail industry is undergoing seismic shifts stoked by swift and unprecedented technology innovation. For retailers and brands navigating this new world, digital intelligence and innovation—be it an artificial intelligence powered chatbot that fields customer service requests or a hyper-local store assortment informed by the Internet of Things—are critical to driving sales and margins in today’s on-demand consumer economy.
Retail Organizations a Prime Target for Cybercriminals
As retail organizations introduce more personalized services and customized engagements for their customers, they are storing and utilizing more personal data, such as product preferences and transactions history. However, this data, together with financial information that flows through their networks when transactions are done, make retail organizations an increasingly attractive target for cybercriminals.
In fact, more than half of the retail organizations (56%) in Asia Pacific have experienced a security incident or are not even sure they had one because they had not carried out proper forensics or data breach assessment, according to a recent study carried out by research firm Frost & Sullivan.
Two key cyberthreats that retail organizations face are ransomware and data exfiltration. Criminal groups could seize control of a customer database and hold a retailer to ransom; or worse, they could steal that customer data and sell the information on in the black market, damaging the reputation of the company permanently.
Web defacement is yet another common threat faced by retail organizations here. This is as bad as someone vandalizing a physical store or spraying graffiti right on the front door. Unlike other organizations, retailers suffer a direct hit in sales with such attacks.
The Frost and Sullivan study found that a large retail organization in Asia Pacific incurs an average of US$18.7 million of direct and indirect economic losses from a security incident.
Customer churn is the largest economic consequence of a cyberattack, resulting in US$16.9 million of the indirect cost. As brand loyalty continues to erode and competition becomes increasingly intense in the retail landscape, any cyber breach can cause consumers to quickly lose trust in the company, and readily switch to another retail organization that will be better able to safeguard their financial and personal information.
Lastly, the fear of cyberattacks is also undermining retail organizations’ abilities to capitalize on the massive opportunities present in this region’s burgeoning digital economy. Asia Pacific’s e-commerce is estimated to bring $3.5 trillion worth of sales by 2021. However, the study reveals that instead of stepping up their game to engage this region’s growing digital consumer population, 60% of retail organizations here are delaying their digital transformation progress due to cybersecurity concerns.
Cybersecurity Needs to at the Core of Retail Organizations’ Digital Transformation Strategy
As retail organizations transform their operations in the months and years ahead, they have to ensure that cybersecurity is key to the strategy. It has to be baked in from the start and not an afterthought that is slapped on later.
The problem today is that there are too many cybersecurity solutions. There is a lack of integration between them, adding complexity to IT systems that are already complex to manage today. Too often, it is not that a threat is not detected but that it is not visible or acted on by human operators.
Retail organizations that had more security solutions actually faced more security incidents, according to the Frost & Sullivan study. And those with more solutions – some more than 50 – took a longer time to recover from an attack.
It is time to view cybersecurity less as a tactical tool and more as a strategic differentiator for a business. Retail firms should embrace it as a core business function, just as they view customer data as key to their future operations.
How should a retailer get started on this? There are five key areas they can focus on:
- View cybersecurity as a digital transformation enabler
- Invest in fundamentals such as adequate IT resources
- Maximize skills and tools with integrated best-of-suite tools
- Carry out continuous assessment, review and compliance
- Leverage artificial intelligence (AI) and automation to boost capacity and capability
With multiple threats coming from so many directions, it will be difficult to stop all of them all of the time. To counter that, AI will be increasingly important. It will greatly automate many processes and provide security analysts with the ability to sifts through millions of threat data points to accurately identify which activities are highly suspicious and respond swiftly to them.
The good news is that three in four retailers (75%) in the region have either adopted or are looking to adopt AI for cybersecurity, according to the study. That points to a changing mindset in the sector.
Just as important is the understanding that cybersecurity is not just a technology solution. It also involves people and processes – elements that take time to change. Technology may help catch an intruder. However, people in the organization have to be wary of threats as well and avoid unwittingly opening up a loophole for cybercriminals. Similarly, processes may have to change to better safeguard the increasing amounts of data retail organizations will hold.
In today’s digital economy, retail companies have to reduce risk and boost confidence in customers seeking a safe, secure and seamless buying experience. That is the key to a successful transformation.