As consumers lead increasingly connected lives, more of their personal information is being transmitted through online channels than ever before. In an increasingly competitive ecosystem, brands are collecting consumer data dubiously to better inform marketing efforts and personalize campaigns. Unfortunately, this behavior often puts both brands and consumers at risk. Retail, specifically, is at such risk that last year the FBI distributed a confidential report detailing the increased risk of malware on various point-of-sale systems. Modern retailers need to be aware of connected consumers and take responsibility as connected companies to secure and responsibly manage the data they collect, or suffer the consequences.
Everything is Connected
The frightening reality is that we live in a time where big data is only getting bigger. By 2020, it's estimated that the data we collect and copy annually will reach 44 trillion gigabytes, and will continue to grow at an exponential rate. In addition, with the surge of the Internet of Things (IoT), this data will be pouring in from an increasing number of channels and devices. Within the next five years, Gartner estimates there will be 25 billion connected things in use. Another layer to this new reality is that omnichannel marketing makes an attempt to unify data from disparate systems to get an even more unified customer view.
Everything is becoming much bigger and more connected at a rate that many companies may not completely understand or be prepared for. While the potential for this scenario to play out in consumers favor is high, delivering convenience and insights beyond our wildest dreams, so too is the potential for destruction. Retailers that want to deliver omnichannel experiences should be prepared to deliver omnichannel security as well.
Everything is a Target — Just Ask Target
The security breaches of major retailers like Target, Home Depot, TJX and CVS (to name a few) should be wake-up calls for modern retailers. In the case of Target, hackers gained access via the company's HVAC system. New methods of payment technology (e.g., Apple Pay) were found to have weak points when banks authorized stolen credit cards from other Apple devices. Who is to blame in these scenarios? The channels? The devices? The authorizing body?
Recently, the acknowledgement that the IoT boom is upon us has led many to question the regulatory process behind these devices and information systems. “[The] ‘Internet of Things’ networks that give internet access to everything from power poles to baby alarms also create huge new opportunities for data breaches,” said Aon Australia’s Eric Lowenstein. What's becoming clear is that if there's something valuable being shared between two parties online, there's an opportunity for someone else to steal it.
Approaching Security Today
Dennis Chesley, global risk consulting leader for PwC, notes, “Many executives are declaring cyber as the risk that will define our generation.” While alarming, there are steps companies can take to minimize risk. According to PwC's Global State of Information Security report, nearly 91 percent of global companies surveyed have adopted a risk-based cyber-security framework, enabling them to identify and prioritize the security risks they face, and plan accordingly. In the same study, 59 percent of companies said they're leveraging big data analytics to improve security and better understand internal and external threats. Specifically, companies should strive to use secure versions of open-source software, implement audit-logging technologies to understand and monitor big data clusters, and build servers based on secure images for all systems in their big data architecture
An Agile, Companywide Model
In 2015, building and driving omnichannel strategies based on big data was a top priority to ensure brands could stay connected to ever-fickle digital consumers. As we stand in the risky wake of our own efforts, the new challenge will be to secure the data and channels through which consumer information flows. Much like modern “agile” marketing, this effort is never going to be a “set it and forget it” model.
We live in an exciting and dynamic age of change and movement that necessitates agility across all departments and connectivity of the organization as a whole. Security cannot be an issue that lives only within IT. Maintaining security and consumer trust must be a key focus of all arms of the company. Why? Because if a breach does happen, the company feels it as a whole. Therefore, why shouldn’t there be shared awareness, responsibility and repercussions?
In a recent webinar, email marketing guru David Daniels told the audience that modern enterprises need to be “masters of organizational change, unthreatened by new ideas,” in order to be successful. I agree. However, I might add that while unthreatened by new ideas, we're acutely aware of the potential threats that could compromise our ideas — and stand ready to meet them head on.
Paul Mandeville is the chief product officer for QuickPivot, a cross-channel marketing platform.