Meeting the rising cybersecurity challenge in retail

Every year, our Global CEO Survey offers a goldmine of fascinating insights into various industries. This year is no exception. And, as with most mines, it’s often the case that the value increases the deeper you dig.

Take the findings on what’s keeping CEOs awake at night in two sectors I work with: Consumer and Retail. Despite the rising global frequency of cyberattacks, only 39% of CEOs in Consumer businesses say they’re worried about cyber risks. By contrast, the level of concern among Retail CEOs is much higher, at 51%.

With both sectors part of the same value chains, you might think the gap is surprising. But the two industries are actually very different in nature, bringing them different degrees of exposure to cyber risks – at least for now.

So, what’s the difference? The Consumer sector essentially consists of big, global companies that manufacture products. While these companies might distribute some of their products directly to customers (B2C),  most of their sales are made (B2B) to distributors and retailers. The retailers, by contrast, deal with vast numbers of end-customers at the front lines. 

What’s more, retailers are digitizing their businesses at breakneck speed. Whenever I speak to retail clients, they say driving digital transformation forward is front and center of their strategic agendas. Spurred by surging online shopping and home deliveries, they’ve spent the past 18 months dramatically accelerating their investments in digital channels, assets,  marketplaces and partnership.

The result? Retailers capture and manipulate a vast amount of consumer data. Quite rightly, they are particularly concerned by risks of cyberattacks and data leakage.

In my view, those concerns are justified. At the current stage of their digital journeys, they’re particularly exposed to cyber threats for three main reasons:

• First, they’ve maximized the pace of their transformation through techniques including experimentation of new applications, new distribution models with collaborative partnerships requiring exchange of data with smaller innovators, start-ups and new partners whose cyber defenses may be less organized and structured, than those of the retailers themselves. The potential effect? New points of vulnerability.
• Second, the personal consumer information that retailers are handling is among the most sensitive of all types of data in legal, regulatory and reputational terms. That magnifies the potential damage if it’s breached or compromised.
• Third, consumers themselves are worried about their personal data and how it’s used. PwC’s latest Global Consumer Insights Pulse Survey shows that data security has a far greater impact on trust than any other factor, with 59% of consumers saying they’ve become more protective of their data over the past six months. And only 47% are confident that the brands they buy from, protect it “to a great extent.” The implication? Retailers live or die by their brand – which makes cybersecurity a key risk to monitor.

So, when it comes to cyber, retailers now operate in the glare of a spotlight – and our CEO Survey confirms they know this and act upon it.