Cybersecurity in retail: How can retailers leverage cybersecurity and data privacy to drive value?

Up to ten years ago before online retail really took off, retailers would use specific methods to drive value. They would create a safe environment for their customers when they were in the store; they would ensure that their customers’ financial transactions were protected (give them the correct change, protect their checks, etc.); and they would ensure that nobody stole their customers’ goods. Through different retail experiences, customers found the retailers they liked and trusted—and they stuck with them.

Today, technology advancements drive increased convenience for customers. However, with this comes risk and an increased number of ways to intercept or interrupt commercial transactions. Cybersecurity and retail therefore are tightly entwined.  Because the retail sector is very sensitive to customer trust, retailers can either thrive or go out of business, depending on whether they are trusted by their customer base.  With loyalty card schemes, customers entrust companies even further with personal information and shopping habits that can be leveraged to gain insights into customer behavior. This has increased value in terms of revenue and contribution of loyal customers for the companies. However, there is a flipside: companies must ensure that customer data is safe and not abuse its use.

Our global survey on Cybersecurity in Retail points to the soaring importance of social media. Shoppers trust the wisdom of the crowd and the challenge for brands and retailers alike, is to be seen as authentic and trustworthy.  The report also contends that “trust plays an important role in how consumers evaluate online security risks.”

Cybersecurity is therefore key in ensuring that:

• The retailer is able to continue doing business online
• The integrity of their online transactions is maintained.

The prevention of DDoS (distributed denial-of-service) attacks and the elimination of ransomware, among others, ensure that a company stays open for business and maintains its ability to trade.

The General Data Protection Regulation (GDPR), which comes into force this May, will ensure value through the provision of a quality service for customers. Companies can showcase their service quality by showing customers that they genuinely care about their personal information, including the right to be forgotten, rather than selling personal data to third party service providers. To protect their brands, companies must absolutely avoid GDPR data-breach penalties and the resulting negative publicity.

This suggests that if trust is key in retaining and improving market share, cybersecurity plays an implicit part of it in the world of online retail.

Terence Stamp

Expert in Identity and Access Management

I advise my clients on the implementation of Identity and Access Management solutions using a number of different technologies. I also architect and design these solutions performing integrations with both on-premise and cloud platforms.