Cyberattacks and data breaches are becoming more common in the retail industry. New research found that 16% of retailers are being attacked on a daily basis and 11% said that it is taking place two or three times a week. Although these figures sound like only a minority of companies are affected, the same research reported that 64% of companies are facing a cyberattack at least once a month.
The number one industry segment facing attack is grocery, followed by sports and outdoor items. Despite this worrying increase in cyberattacks only 33% of retailers believe that they have a secure network. Why data breaches are disastrous for retail brands? What can retailers do to fight this increase in cyberattacks?
The first step is to acknowledge that the threat exists and to understand the consequences of not taking action. Cyberattacks can kill a successful business if the data breach involves the personal data of customers. As Deloitte has outlined in this report, there are many effects of a cyberattack that executives don’t consider until they are in the process of dealing with a live attack. Operational disruption, lost customer relationships, higher insurance, devaluation of brand image, loss of intellectual property, and the increased cost of debt are all issues that need to be handled in the wake of a cyberattack – responding to an attack is not just about closing off the network to intruders.
Companies in Europe should also be aware that the European General Data Protection Regulation (GDPR) will be enforced from May 2018. This regulation gives customers far more rights to control how companies use their data. If companies allow data breaches because of cyberattacks, then the fines will be many millions of Euros – even up to 4% of the entire global turnover of the business.
I believe that as we see more retailers focusing on a very personalised omni-channel type service there will be two distinct outcomes. First, the customer experience will dramatically improve because retailers are getting smarter about using customer data. However, because retailers are capturing more data on customers there will be an almost inevitable rise in cyberattacks. Retailers need more data to offer a more personal omni-channel service, but this makes them more vulnerable to attack.
Not many retailers handle the complete customer experience internally today – most have a partner. Sitting down with your partner and understanding their approach to security (and regulations such as GDPR) is an essential first step. All your customer experience partners should be able to demonstrate exactly how they are protecting from cyberattacks in the network, but also through the improvement of processes and employee training. If your partners cannot confidently demonstrate that your customer data is safe then it’s time to start talking to some new partners.
What else can companies do to fight a cyberattack? Leave a comment here or get in touch via my LinkedIn and let me know.