Uncover the root causes of cyber incidents
The report found that IT leaders too often experience problems but don’t understand the root causes, whether it’s IoT connectivity or artificial intelligence, and this lack of understanding can hinder clear strategies for cyber resilience.
Retailers need to diagnose the problem before they can solve it, Hagopian explained, and they can do that by talking to technology partners to find answers, connecting with peers and tracing the history of cyber incidents.
Sometimes the culprit is someone you would never expect. Consider, for example, how a new tool meant to simplify work ends up causing more confusion. “Different departments are buying their own technology and tools, which then need to be brought together in a central infrastructure and approved, centralized tools. And there’s always shadow IT, where end users might be buying something in a silo,” says Hagopian.
read more: Hear from experts about what cyber resilience means and how to achieve it.
Focus on reducing risk and downtime costs
Retailers know they need to respond when a cybersecurity incident occurs, but what about planning for defense? This involves identifying their biggest risks and developing a plan to mitigate them, Bell says.
Currently, roughly 80% of retail IT leaders surveyed feel at least somewhat prepared for a cybersecurity incident, despite the challenges of integrating legacy tools. For those who feel unprepared, Cost of outage Bell said the impact to brand reputation could be a bigger motivator than data leaks or compliance issues.
A quarter of respondents said a data breach had cost their organization between $5 million and $10 million in downtime in the past five years. That’s on the low side. “Outages can cost more than $100 million in a week in some cases,” Bell said.
These are the sorts of opportunity costs that linger long after an attack, but more importantly, Bell said, “the basic sense of trust that tends to get eroded when a breach occurs.”