With disruptive new digital competitors and rising customer expectations, retailers today face challenges that threaten their high street survival. Competing in this modern retail marketplace increasingly depends on the use of data to understand customers better, including how and when to engage with them, as well as what will convert browsers into buyers.
As a result of this trend, retailers have accumulated more data than ever before. But the protection of this data, along with securing broader IT networks, has often been viewed in terms of the cost of mitigation. However, it’s time they changed their perspective – getting cybersecurity right doesn’t just keep data and networks safe, it can actually provide a compelling new competitive advantage.
A recent study from Capgemini's Digital Transformation Institute surveyed consumers and retail executives and found 77% of consumers ranked cybersecurity in the top three most important factors when selecting a retailer, ahead of pricing and brand reputation. Moreover, 40% said they would be willing to increase their online spend by at least 20% more with retailers they trust.
It makes sense that consumers are prioritising data security so highly. Digital transformation of business models and infrastructure is taking place across industry sectors and is incredibly effective at driving operational efficiency and generating new revenue channels. However, it’s also exposing organisations to increased risk, opening new attack vectors for hackers to exploit, while also increasing the chances of accidental data breach. With data breach incidents today regularly making national news, the issue of data security has never been as prominent in the minds of the general public.
Unfortunately, the reality across the sector is that many retailers have yet to fully implement the cybersecurity solutions required to protect them from threats. Measures like data encryption, anti-malware tools, and the implementation of clear and transparent data policies are all central to data protection, as well as having the potential to drive customer preference.
This needs to be addressed as a matter of priority – as the pace of digitisation increases, almost half of retailers surveyed identify the inclusion of new technologies like the Internet of Things (IoT) as one of the main issues exposing their organisation to breaches. Ineffective delegation of cybersecurity responsibilities also ranks amongst the top vulnerabilities, an issue making it difficult to identify malicious activity in a timely manner. The survey found that less than half of retailers are performing daily or weekly audits into areas like application security, meaning breaches can go undetected for seven days or more – more than enough time for them to cause significant disruption.
To stay ahead of hackers, retailers need to develop a holistic understanding of their own systems and keep abreast of the latest external cybersecurity developments. In addition, it’s important they find effective ways to communicate this information to key internal business decision makers for rapid mitigation of threats and remediation of breaches when they occur. The following steps are key:
Once effective measures have been put in place, it’s essential that retailers share this information with their customer base. The study identified a disparity between consumer expectations and retailer delivery when it comes to proactive communication. 70% of consumers wanted to be assured that their financial and personal information is safe, confirming they would buy more online if retailers did so. With only 44% of retailers actively informing their customers, it’s clear the majority of businesses are missing an opportunity to differentiate themselves.
Ultimately, there is a major opportunity and competitive advantage for those retailers that proactively demonstrate that they take data protection seriously and are taking steps to protect consumers. By changing their data handling culture, and deploying best in class cybersecurity solutions, organisations can build customer relationships that move the bottom line. Indeed, Capgemini’s study predicts enhanced cybersecurity and data protection could drive a revenue uplift of approximately 5%.
With the EU’s General Data Protection Regulation (GDPR) coming into effect on 25th May, many businesses have been motivated to get their house in order out of fear of non-compliance. But it’s time we stopped looking at cybersecurity as an onerous obligation, and started looking at it as an opportunity. In the age of IoT, getting it right is just good business sense. Retailers aspiring to grow their business, either in-store or online, need to take advantage of this unexplored avenue.
Tim Bridges and Geert van der Linden, Capgemini