Guest Column | December 6, 2017

Next-Gen Security Is Crucial To The Digital Transformation Of Omni-Channel Retail

By Susan McReynolds, CenturyLink


The race to embrace digital transformation is forcing retailers to respond quickly or risk falling behind. In fact, IDC predicts by 2019 investments in digital transformation will triple, stealing a greater share of funding away from store capital.

Of course, it's no secret data underpins digital transformation. For retailers, in particular, tremendous amounts of omni-channel product and customer data must be collected, stored, and redistributed across the enterprise to drive actionable insights that inform decisions.

Keep in mind that, because data fuels digital transformation, retailers are prime targets for cybercriminals to launch advanced attacks. If digital initiatives are not strategically developed and deployed with security serving as a foundation to the entire process, it can become a vicious — as opposed to virtuous — cycle.

Obstacles In The Way Of Digital Transformation

With the blurring of the physical and digital worlds within the store environment, being at the front and center of digital transformation provides distinct advantages. However, the omni-channel presents security obstacles that can slow down or prevent digital transformation altogether. In a marketplace where only the most responsive and agile companies will survive, these barriers must be overcome.

First, if you're seeking digital transformation, you must develop stronger security controls across more channels than ever before as these breed further complexity across an ever-expanding attack surface. Retailers that operate outdated and legacy IT environments create additional vulnerabilities (network and infrastructure weaknesses) that hackers are eager to exploit.

What’s more, bringing the best of online digital engagement directly into the store environment creates additional risk and vulnerability for brick-and-mortar retailers. In fact, 53 percent of retailers indicated their organization is deploying advanced technologies such as cloud, Big Data, and Internet of Things (IoT) before having the security in place to protect them. Bypassing security controls is a risk no retailer should ever take.

Fortunately, retailers are well-positioned to capitalize on the benefits and promises of digital transformation to help deliver a differentiated customer experience — but only if they place security at the forefront of digital execution.

What Can Be Done To Better Secure The Digital Journey?

  1. Move to network and cloud-based security. The number of companies taking next-gen security measures is already on the rise. According to Forrester’s The State of Network Security: 2016 To 2017, 40 percent of enterprises are planning to implement or are upgrading next-generation firewalls within a year.

Why? Because implementing network and cloud-based security to replace vulnerable on-premises hardware solutions better protects omni-channel environments from advanced threats while simplifying the security infrastructure.

Plus, with access to advanced security capabilities like intrusion detection, content filtering, and sandboxing, you can build more sophisticated layers of defenses.

  1. Protect digital assets and investments. You need to defend web-facing applications, e-commerce platforms, and other accessible infrastructures against advanced cyberthreats — and you can through network-based security and robust denial of service attack (DDoS) mitigation solutions. In fact, 88 percent of U.S. retailers ranked network security as the most effective at preventing data breaches.

To defend online assets, it is imperative to ensure your DDoS mitigation provider has adequate ingest capacity (i.e., the network's capacity to absorb large-scale DDoS attacks) to protect your retail network against volumetric threats that are increasing in frequency, size, and sophistication.

The top questions retail leaders must ask themselves are: How much do we stand to lose from network downtime? And how quickly could our retail organization respond to an attack?

  1. Defend the brick-and-mortar environment. Nearly 58 percent of retailers reported malware was one of the greatest security risks they faced in 2016 — and they are correct. And yet, although they know a malware exploitation within the store environment can bring down their entire retail network, only 16 percent of all brick-and-mortar retailers are confident in their advanced perimeter protection.

With the number of digital endpoints and in-store technologies rapidly increasing, access methods to the internet must be secured within the physical store. While it is undeniable IoT and Wi-Fi deployments help collect valuable data and enhance in-store experiences, their network subnets need to be segmented properly from employee and point of sale subnets, requiring separate internet policies to only whitelisted (approved) IP addresses. By implementing cloud-based firewalls with advanced malware detection capabilities you can be alerted if IoT devices have been compromised and respond quickly with the appropriate defenses.

  1. Conduct yearly assessments for top-notch security. Cybercriminals are constantly uncovering new entry points and vulnerabilities to invade your network outside of the cardholder data environment. This means it's crucial to uncover vulnerabilities and network security gaps, and then refine remediation and response plans.

Enlisting professional security services to conduct comprehensive annual network and application vulnerability assessments, along with penetration testing, can help you identify weaknesses and strengthen defenses beyond PCI compliance requirements.

The bottom line? Embracing digital transformation will help enable a differentiated brand experience within today's hypercompetitive retail landscape. But security cannot be an afterthought.

About The Author

In the role of retail strategy manager for CenturyLink, Susan McReynolds works with customers, analysts, and industry leaders to keep a pulse on the IT trends and challenges facing today’s omni-channel retailers. Susan has held various marketing and business development roles over the last 12 years. Before joining CenturyLink, Susan worked with leading national and global athletic brands to develop custom visual merchandising programs. Susan received her MBA and undergraduate degrees from the University of Colorado at Boulder.