ASPECT OF OUR WORLD,
WHICH MEANS THAT
THE POTENTIAL FOR AN
BREACH EXISTS FOR
ALMOST ANY AND EVERY
TYPE OF ORGANISATION.
T This problem of lax security has been
resolved to a great extent when the
software solution is provided by a
software product company.
However, the retail sector by design is
not strongly focused on information and
data security because their connection to
‘valuable data’ is not evident. Security is of prime importance for such
organisations. In cases where the software
is built in-house or outsourced to a
vendor who is not specialised in providing
software solutions specifically meant for
large enterprise clients, the problem of
security usually continues to persist.
he retail sector is a prime target
for hackers and cybercriminals,
and why not? Look at the sheer
volume of data generated on a daily
basis. Customers’ personal details along
with their credit card numbers make a
Information is usually and rightly viewed
to be a domain involving software and
digital interactions while retail has to do
with physical products and offline stores.
This is changing rapidly with the advent
of online retailing and digitisation of CRM,
loyalty and business analytics solutions.
Retail giants started using software
solutions a long time ago to improve their
customer engagement efforts and to
improve their sales and margins through
advanced data analytics.
Retail companies are becoming aware
about the dangers involved in ignoring
security as the impact of breaches
have become more costly in the current
market landscape where retail is driven
by social media. Protecting information
and data is not only about protecting
competitive information, but also about
protecting brand image in the market.
This has caused a significant shift in the
security focus and expectations of retail
organisations, whether it is towards in-
house solutions or outsourced ones.
With the advent of cloud-based
solutions for analytics, CRM, loyalty and
e-commerce, the high volume of data
and information which resided earlier
in discrete form in individual stores
started being collected and collated in
centralised data repositories. The retail industry has now become
well-aware about information security
certifications such as ISO 27001:2013
& PCI DSS, including the role that these
certifications play in increasing assurance
against security breaches.
This permitted a greater degree of
digital processing. Unfortunately, it was
not always the case that the data was
handled in a secure manner, mostly due
to a general lack of understanding on
how security should be implemented. Creating and promoting a security
department within their organisations
has become a common trend even in
retail organisations, where typically
such practices were either viewed as
unnecessary or excessive.