6 steps to improve omnichannel cybersecurity
INSIGHT ARTICLE |
For middle market retailers, omnichannel strategies are still in their infancy and will continue to grow. Likewise, associated risks will also increase as new technologies and processes are implemented related to this vital strategy. How can retailers address these evolving cyberthreats and other risks?
Consider the following six steps to improve your organization’s omnichannel security efforts. And, for further insights on this topic, download Securing retail's omnichannels: Partnerships, process and controls
1. Develop a partnership with the pacesetters
While the marketing team may not be the driver behind an omnichannel strategy for all companies, the security group at each organization needs to identify those with the most velocity for driving corporate growth, the pacesetters, and develop a strong line of partnership and communication. According to RSM’s recent survey, executive involvement in a company’s omnichannel operations is critical as it affects the entire operating model of the company. In fact, 71 percent lead their company’s omnichannel activities. For security leaders who are positioned below the executive team, the challenge becomes balancing day-to-day responsibilities with the push to meet with and develop relationships with those higher on the corporate ladder.
2. Improve and expand the security workforce
Security leaders are often promoted through the ranks of IT, and these individuals need to either seek education to increase their business knowledge or hire individuals with experience in working with business processes. Securing resources that understand processes requires the ability to facilitate discussion on how the company conducts business. Using these discussions, security leaders should focus on efficiency while providing a strong foundation to support the technical members of the security team.
3. Understand the data and process flow(s)
With the right training and individuals in place, security needs to understand the critical processes within the marketing business function (or other pacesetters). Meeting with the management teams who oversee the critical business functions related to omnichannel, such as marketing, development, legal and store operations, can allow security to identify those processes that are critical to the omnichannel strategy and prioritize them based on their confidentiality, integrity and availability. Security needs to focus this effort on criticality of the process to the business and the data within.
4. Apply process improvements
The outcomes of the process and data ﬂows should lead right into recommendations for process improvements or risk reduction methods. For example, focusing on decisions of insourcing versus outsourcing, data collection and storage, transmission channels, and individual and business groups with required access can often provide a great reduction in overall risk. For those used to working closely with payment card industry data security standards (PCI DSS), follow the process of scope reduction and applicability as a general method for process improvements.
5. Implement security controls
Once the process improvements are completed, technical controls can be applied. Based on the newly limited scope, controls should be selected based on alignment to a speciﬁc and relevant framework encompassing all regulatory and contractual obligations. For example, most retailers still must comply with PCI DSS, so those controls need to be accounted for. Other organizations have additional frameworks such as the Sarbanes-Oxley Act, Health Insurance Portability and Accountability Act, the National Institute of Standards and Technology Cybersecurity Framework, and other state and national privacy and data breach requirements to meet.
6. Embed security in technology
Omnichannel efforts focus heavily on advancing technology, such as new integrated mobile and web applications, web services connections, Bluetooth technology, line-breaking kiosks and mobile devices, store pickup vending machines, and much more. As the technologies continue to evolve, the security team must ﬁnd unique approaches to secure these technologies.
For further insights on this topic, download Securing retail's omnichannels: Partnerships, process and controls
you may also be interested in
This infographic breaks down the key findings from the RSM retailer omnichannel survey of middle market retailers.
Understand the rising threat of data breaches and how the vast majority of cyber incidents occur within small and middle market companies.