Cybersecurity: A 2022 checklist for CIOs

Cybersecurity is always high on the investment priority list for retailers, but Gartner points out in its recent 2022 Cybersecurity Trends report that digital leaders are losing control in a distributed ecosystem.

Meanwhile, 66% of global CIOs expect to boost security investments this year, according to Gartner. 

In addition, strengthening cybersecurity was the most-cited business initiative influencing technology spending in an Enterprise Strategy Group (ESG) poll where 38% listed cybersecurity above things that generally top the priority lists, such as improving data analytics and customer experience.

Changing priorities

How retailers respond will be important as the security landscape continues to change and as IT budgets are often constrained. 

This has led in turn to growing demand for cloud-based services such as software as a service (SaaS), which allows retailers to scale their cybersecurity capabilities far more cost-effectively than upgrading on-premise systems. 

In addition, working with a third party brings confidence that the most cutting-edge and cost-effective solutions are being used, in contrast to the risk that internal systems are behind the curve. 

Using cloud services, retailers can be more agile and avoid the problems that can result if upgrades to internal systems are delayed or just take too long.

Safety fears dissipating

Earlier concerns over the security of using cloud services have dissipated entirely.

While no solution can ever be 100% secure, it is cloud that has had the greater focus of investment in recent years and suppliers are more likely to always conform to industry standards for detecting, reporting and assessing information security incidents. 

External software vendors will also test these limits by undertaking continuous penetration testing to find and fix any areas of weakness.

Here is our 2022 cybersecurity checklist for retail CIOs:

1. Work even more closely with the partners in your distributed ecosystem, because their systems’ interdependencies can cause vulnerabilities that will become your problem and stop trading. 

2. Work with sales and marketing to agree on the right balance between letting the right one in and keeping out fraudsters. The shift to personalisation comes with the risk of greater exposure for both the retailer and the customer, so needs careful watching. This partnership will in time enable retailers to get a better idea of just how much security customers are prepared to go through before they give up or move to another vendor. 

3. Create measures for success that determine what impact initiatives have had on the business rather than just the level of security. Start by documenting what measures are not currently available, such as labour costs involved in dealing with an attack, as this will then support the case for future investment.

4. Adjust your focus according to the commerce demand risk curve, which rises particularly in the last quarter of the year and during other peak seasons.

5. Look down as well as up, so deal with the known risks but keep a watching brief on what might be to come as the fraudsters become more sophisticated.

You’re not alone. Vendors providing cloud retail management software are pioneering new approaches to security because they not only have the resources to invest, but they work with multiple customers, so are able to determine where the need for innovation is most urgent.