Why 60 per cent Retail Organizations in Asia Pacific Delay Digital Transformation Fear of cyberattacks is a well established concern in the sector and can cost US$18.7 million in direct and indirect economic loss

Technology is indeed a disruptive force—it enables fresh business models and opens new revenue sources. One of the biggest challenges in digital transformation, however, is ensuring the security of company data. A cyber attack can cost a large retail organization an average of US$18.7 million in direct and indirect economic losses.

That's why three in five (60 per cent) retail organizations in the Asia-Pacific region are slowing down the progress of digital transformation projects, says a Frost & Sullivan study, commissioned by Microsoft.

The price tag

The largest economic consequence of a cyber attack for retail organizations is the customer churn, resulting in US$16.9 million of indirect cost, says the study, "Understanding the Cybersecurity Threat Landscape in Asia Pacific: Securing the Modern Enterprise in a Digital World," which was based on a survey of 1,300 business and IT decision makers ranging from mid-sized organizations (250 to 499 employees) to large-sized organizations (>than 500 employees), and 10 per cent of these respondents were from the retail industry.

For mid-sized retail organizations, the study says, the average economic loss due to a cybersecurity incident was US$47,000 per organization. The study further reveals that three out of four (73 per cent) cybersecurity attacks against retail organizations over the last 12 months have resulted in job losses across different functions.

Trust issues

"Trust is especially critical for retail organizations today as brand loyalty continues to erode in the digital era. If retail organizations do not have the reputation of being capable of protecting their customers' personal information and financial data, consumers will switch to another option in this hyper-competitive landscape," says Kenny Yeo, industry principal, cyber security, Frost & Sullivan. "This is why retail organizations have the highest customer churn after a cybersecurity incident, compared to other vertical industries."

Understanding vulnerabilities

What's surprising is that despite knowing the high economic cost and reputational damage that comes with cyber attack, retail organizations remain vulnerable. The study reveals that 56 per cent of the surveyed organizations have either experienced a security incident (27 per cent) or are not sure if they have had a security incident as they have not checked (29 per cent).

If companies don't undergo a digital transformation, they can jeopardize their growth opportunities in the region's developing e-commerce space and digital economy.

Over 40 per cent of the respondents from the retail industry see their cybersecurity strategy as merely a means to safeguard their organizations against cyber attacks. Only 22 per cent sees cybersecurity as a business advantage and an enabler for digital transformation.

"Retail organizations are increasingly looking to deliver personal, seamless and differentiated customer experiences by empowering people, enabling digital transformation and capturing data-based insights to drive growth," says Raj Raguneethan, Asia Lead, retail and consumer industries, Microsoft.

"Today cybercrime is a matter of when and not if. While data security and privacy are vital to any business, retail organizations and brands face enormous pressures and challenges with targeted cybercrime, complex supply chains, increasing compliance obligations and constant staff turnover. Given the impact of a cyber attack to the business and its reputation, it is even more critical for retail organizations to prioritize trust, transparency, standards conformance and regulatory compliance as key success factors while formulating their cybersecurity strategy."