A shifting cyber security landscape and the increased complexity of supply chains means organisations are at increasing risk of cyber crime and should treat this risk as a business issue rather than an IT issue, a new report has said.
Marsh’s report, Retail, Supply and the Digital Revolution, said: “Ownership for cyber security must now move to business leaders themselves. Companies therefore need to take a more strategic approach to help identify, manage, and treat these new cyber threats.”
The report points out that concepts such as omni-channel retail, the internet of things, and contactless payment systems are all integrated features of the retail environment today yet a few years ago were relatively unknown.
New concepts such as automation of processes while drawing on analytics and algorithms to predict and supply customer demand are leading towards collaborative, digital, and demand and data-driven supply chains yet this will increase cyber-risk.
The report cited research showing that retail and consumer goods companies are more likely to report cyber-crime than businesses from any other industry except financial services.
Last year, for example, mobile phone provider Talk Talk was targeted by hackers who stole the bank details of more than 15,000 customers while hotel chain Hilton saw customer credit card information hacked.
90% of large organisations and 74% of SMEs reported they had suffered an information security breach in 2015, according to Government figures while malicious software has affected nearly three-quarters of large organisations and three-fifths of small organisations.
The outsourcing of increasingly complex IT and technology gives cyber criminals another possible avenue of attack, Marsh reported.
Retailers need to understand key cyber risk scenarios they face, consider their potential financial impact, third-party liability and business interruption and work with risk advisers to analyse and document existing insurance.
They should also consider risk financing strategies, the report said.