Intelligent CIO Middle East Issue 47 | Page 77

INDUSTRY WATCH DIGITISATION HAS TOUCHED EVERY ASPECT OF OUR WORLD, WHICH MEANS THAT THE POTENTIAL FOR AN EMBARRASSING SECURITY BREACH EXISTS FOR ALMOST ANY AND EVERY TYPE OF ORGANISATION. T This problem of lax security has been resolved to a great extent when the software solution is provided by a software product company. However, the retail sector by design is not strongly focused on information and data security because their connection to ‘valuable data’ is not evident. Security is of prime importance for such organisations. In cases where the software is built in-house or outsourced to a vendor who is not specialised in providing software solutions specifically meant for large enterprise clients, the problem of security usually continues to persist. he retail sector is a prime target for hackers and cybercriminals, and why not? Look at the sheer volume of data generated on a daily basis. Customers’ personal details along with their credit card numbers make a lucrative target. Information is usually and rightly viewed to be a domain involving software and digital interactions while retail has to do with physical products and offline stores. This is changing rapidly with the advent of online retailing and digitisation of CRM, loyalty and business analytics solutions. Retail giants started using software solutions a long time ago to improve their customer engagement efforts and to improve their sales and margins through advanced data analytics. Retail companies are becoming aware about the dangers involved in ignoring security as the impact of breaches have become more costly in the current market landscape where retail is driven by social media. Protecting information and data is not only about protecting competitive information, but also about protecting brand image in the market. This has caused a significant shift in the security focus and expectations of retail organisations, whether it is towards in- house solutions or outsourced ones. With the advent of cloud-based solutions for analytics, CRM, loyalty and e-commerce, the high volume of data and information which resided earlier in discrete form in individual stores started being collected and collated in centralised data repositories. The retail industry has now become well-aware about information security certifications such as ISO 27001:2013 & PCI DSS, including the role that these certifications play in increasing assurance against security breaches. This permitted a greater degree of digital processing. Unfortunately, it was not always the case that the data was handled in a secure manner, mostly due to a general lack of understanding on how security should be implemented. Creating and promoting a security department within their organisations has become a common trend even in retail organisations, where typically such practices were either viewed as unnecessary or excessive. INTELLIGENTCIO 77