LevelBlue released its
2024 Futures Report: Cyber Resilience in Retail.
The findings detail how the rapid evolution of computing has thrust
retail businesses into a perpetual struggle between innovation and risk.
While dynamic computing presents major opportunities for technology
innovation in the retail industry, these capabilities bring new security
challenges that will require retailers to enhance their cybersecurity
resilience to better safeguard against today's threats.
There is a high degree of optimism in the retail industry as it
relates to the innovation potential that results from dynamic computing.
In fact, 86% of respondents anticipate that dynamic computing will
enhance operational performance within the next three years, especially
in artificial intelligence (AI) strategy development and leveraging
sophisticated supply chains. However, a similar number - 82% -
acknowledge the increased exposure to risk.
Despite this acknowledgment, 77% of respondents believe dynamic
computing's innovation benefits outweigh the cybersecurity risks.
Furthermore, retail leaders are ambitious about investing in the
technologies underpinning dynamic computing, but 62% report being a
cautious or late AI adopter.
"The era of dynamic computing, spawned by the Internet of Things
(IoT) and 5G technologies present both tremendous opportunities and
risks for retail organizations," said Theresa Lanowitz, Chief Evangelist
of LevelBlue. "However, as traditional perimeters dissolve, traditional
security methods no longer suffice, and retailer leaders need to be
thinking broadly about overall cyber resilience. They need to be
concerned with establishing visibility into the entire IT estate and
protecting the whole organization, including supply chains and meeting
the demands of customer data privacy. With our new research, leaders can
analyze the landscape of barriers that exist, and take away practical
steps for overcoming them with their retail organizations."
Today's retailers continue to face unintended consequences as supply
chain attacks rise, and vulnerabilities from third-party sources become
the top threat factors. This latest LevelBlue report indicates that
there is a significant lack of visibility of the supply chain, with 67%
of respondents indicating this as a major concern for physical and
software supply chains. Another 75% of respondents reveal difficulty in
assessing supply chain risk, with only 36% stating that their supply
chain is completely or almost completely secure.
When assessing cyber resilience planning and cybersecurity budgeting for retail organizations, the report found that:
- 65% of respondents reported that leadership doesn't prioritize
cyber resilience, and 75% say their organizations do not specifically
invest in cyber resilience beyond cybersecurity.
- Only 37% integrate cybersecurity into their computing planning or
have a cybersecurity budget line item for every project, and a majority
(74%) indicate that cybersecurity resilience initiatives are not
sufficiently factored into the organization's budget.
- 72% believe cybersecurity is an afterthought, and 74% indicate that
it's impossible for them to assess how an attack might impact their
organization.
- 67% confirm efforts are often siloed, hindering comprehensive
protection, 65% lack formalized incident response plans, and 62% do not
have standardized cybersecurity processes.
- 61% indicate that they have little to zero visibility into the IT
estate, and 74% say the lack of visibility is compounded by new
regulations.
- 80% reveal their organizations are at risk due to barriers
impacting their cybersecurity resilience strategies, and 78% report
struggling to find the external guidance they need.
To better achieve cyber resilience in the retail industry, LevelBlue
shares five specific steps that can be applied across industries,
directly in response to these findings: identify the barriers to cyber
resilience; be secure by design; align cyber investment with business;
build a support ecosystem; and transform cybersecurity strategies.
Download the complete findings of the 2024 LevelBlue Futures Report: Cyber Resilience in Retail at this link here.
The report identifies how retail organizations can effectively
prioritize innovation while reducing cyber risk in today's quickly
advancing retail environment. This report follows the May 2024 release
of the core 2024 LevelBlue Futures Report found here.