Jonathan Wright, Head of Products and Operations, GCX, outlines security concerns facing retail businesses and discusses how to secure retail environments.
Retailers face growing complexity in today’s ever-changing industry. The UK’s high streets are in a critical condition as footfall continues to decline. Rising prices mean shoppers have less money to part with and this, coupled with the booming eCommerce market, high rents and restructuring plans, have meant brick-and-mortar stores have been forced to close.
Multiple factors, including the pandemic and Brexit, have caused major disruptions in global supply chains. These delays, coupled with sudden shifts in demand, left retailers scrambling to meet rising customer expectations. Big retailers like Amazon have been raising the bar on the speed of shipping, to improve network speed and agility and now, more than 40% of senior executives expect to increase their total supply chain investment.
Security
In the UK, over 80% of the population makes eCommerce purchases. In other words, over four in five UK consumers are digital buyers. With so many consumers shopping online, customer data such as addresses, bank details, and passwords is attractive for hackers who can profit from selling or misusing that data.
Attacks on retailers’ digital infrastructure are becoming alarmingly common and the UK retail sector lost £11.3 billion to payments fraud last year, figures suggest. Even major supermarket chains like SPAR and Tesco have unfortunately fallen victim to these sophisticated attacks. Robust cybersecurity solutions are crucial to prevent website outages, which can lead to lost sales, hefty fines and damaged customer trust. Today’s customers expect uninterrupted online experiences. So, simply put, any downtime directly translates to frustrated shoppers abandoning carts and a tarnished brand reputation.
Consumers’ shopping preferences
More customers want to purchase across multiple channels to get what they want. Information about products, stock and customers must be available on different platforms, including in-store, online, mobile, kiosks and in-store tablets. While businesses that provide a set of seamlessly integrated channels as an omnichannel, cater to customer preferences, opening them up to new revenue streams, they are also exposing themselves to new fraud challenges.
With such a large amount of data needed to make omnichannel businesses tick, they are a ripe target for cybercriminals looking to obtain a deep level of personal data that can be harvested for further fraud.
As the volume of threats increases, retailers must reassess their cybersecurity practices to ensure they are robust and resilient enough to protect their customers, regardless of whether they are shopping online, in-store or at a pop-up location. By prioritising digital experiences and leveraging data analytics, businesses can gain real-time insights into products, inventory and customer behaviour. This empowers them to deliver seamless customer journeys and boost revenue.
Keeping this process secure, however, can be tricky if too many disparate point solutions are deployed, as this limits visibility. Today, many retailers deploy a suite of security tools that may solve individual challenges, but when deployed together produce blind spots to be exploited. The challenge is compounded by the complexity of modern retail. Many retail operations and supply chains involve multiple businesses, each with incompatible tech stacks, and navigate a landscape of varying compliance regulations across different countries.
How to secure retail environments
To protect themselves from threat actors, retailers could benefit from consolidating their networks into a single cloud-stack solution. This is because traditional, siloed security architectures are often poorly deployed, complex and expensive to manage, and they can leave gaps in protection. Single-stack solutions offer a more holistic approach to security that can help businesses improve their security posture and reduce their costs.
Additionally, single-stack solutions can be more easily underpinned by zero-trust architecture. This is key as it provides a platform to implement security policies at a more granular level. Likewise, data segmentation means that large pools of data aren’t open to all users accessing from any device and access can be locked down to users, devices and regions on a least privilege basis.
The single stack delivers greater visibility, improved telemetry and consistent security inspection from endpoint user/device to application/service. By doing this, retailers can secure their IT assets and access through a single ZTNA framework whilst having the visibility to vital data that reflects the security and network, across the business that is essential to ward off cyberattacks.
For example, consider a malicious actor attempting a ransomware attack on a retailer’s network. The ZTNA framework detects unusual file encryption attempts across multiple systems. The retailer’s IT team receives real-time alerts showing abnormal activity and the ZTNA system revokes compromised user credentials and isolates affected devices, preventing the ransomware from spreading. With this visibility, a retailer’s IT team can quickly pinpoint the entry point of the attack, allowing for quick resolution.
The key to future retail success
Securing retail environments is vital. Once retailers establish robust security measures, they can focus on meeting the elevated expectations of modern shoppers – seamless, quick and convenient services.
Every secure interaction is a retailer’s chance to create a relationship and earn customer loyalty and these interactions should facilitate the collection of data to improve the customer experience using secure, high-quality and on-brand strategies. The most successful retailers understand that by prioritising security, they can in turn analyse customer behaviour and the customer journey, leading to improved retention, more targeted marketing, curated shopping experiences and ultimately greater sales.
Click below to share this article
