Digital Transformation In Retail: The Retail Apocalypse


Much like the hospitality industry, digital transformation in retail has been a huge driver of change. One important fact is getting lost among all of the talk of “the retail apocalypse” and myriad stories about increasingly empty shopping malls: there’s a lot of money to be made in retail. In fact, the retail market was expected to grow by more than 3 percent in 2018, unemployment is low, and wages are at least stable.

Retailers increase cyber security spending, but attacks continue to rise

IT Governance

The UK’s biggest retailers are spending more than ever on cyber security but are continuing to see an alarming rise in cyber attacks and data breaches due to the ever-evolving threat landscape, a report has found. According to The British Retail Consortium’s 2019 Retail Crime Survey, large organisations invested £162 million in cyber defences in the 2017–18 financial year, an increase of 17% on 2017. Are retailers investing wisely?



DPIAs for retail and hospitality 

IT Governance

It’s relevant for everyone, including retail and hospitality. Retail and hospitality organisations will likely need to conduct several to cover all their processes, both new and existing. Common activities for retail and hospitality requiring DPIAs. To give an idea of what activities may require a DPIA in real terms for the retail and hospitality sectors, here is a non-exhaustive list: CCTV.

It’s time to think twice about retail loyalty programs

Thales Cloud Protection & Licensing

As I was starting to write this blog, yet another retail program data breach occurred, for Marriott’s Starwood loyalty program. In this case, it looks as though the attackers had been on the Starwood network for somewhere around three years, mining out their reservations database (keep in mind that Marriott only acquired Starwood in 2016). But it looks like my own personal data has been breached – again. But none of these reasons rose to the top in retail.

Sports retail giant Decathlon leaks 123 million customer and employee records

IT Governance

Decathlon, the world’s largest sporting goods retailer, has suffered a massive data breach, affecting 123 million customer and employee records. It contained information from the retailer’s Spanish businesses and potentially its UK stores.

How data breaches are affecting the retail industry

IT Governance

It seems like there is another one being reported in the news every week. Only time will tell – and we may not have to wait long – but in the meantime, what is the impact of data breaches in the retail industry, and what needs to be done to mitigate them? World-famous retailer Fortnum & Mason suffered a data breach, affecting 23,000 of its customers, through a Typeform service used to collect votes for one of the categories in its food and drink awards.

The benefits of a flexible operating model in data governance


Data governance is the essential foundation for organizations looking to create business value from data. It creates the structure that enables collaboration on and analysis of trusted data. Setting up effective data governance, however, can be quite challenging. Who governs it?

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Security Affairs

The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists.

Retail has a multi-cloud problem…with sensitive data

Thales Cloud Protection & Licensing

Digital transformation (DX) is fundamentally impacting all aspects of the economy across every industry, and nowhere is this truer than in retail. DX technologies such as cloud, mobile payments, IoT, Big Data and others have fundamentally changed retailers’ business models, not only by opening new channels to reach customers, but also in how they communicate with, serve, and support them. And with IT security spending increases tapering off, that’s now a requirement.

Digital Transformation in Municipal Government: The Hidden Force Powering Smart Cities


When you think of real-time, data-driven experiences and modern applications to accomplish tasks faster and easier, your local town or city government probably doesn’t come to mind. But municipal government is starting to embrace digital transformation and therefore data governance. Municipal government has never been an area in which to look for tech innovation. Digital Transformation in Municipal Government: Being “Smart” About It.

Ransomware at IT Services Provider Synoptek

Krebs on Security

Synoptek, a California business that provides cloud hosting and IT management services to more than a thousand customers nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources.

Digital Transformation Examples: Three Industries Dominating Digital Transformation


Its past successes – and future potential – are well documented, chronicled in the billion-dollar valuations of the frontrunners in the practice. Amazon began as a disruptor to brick-and-mortar bookstores, eventually becoming one of the most obvious digital transformation examples as it went on to revolutionize online shopping. Digital Transformation in Retail. The inherently competitive nature of retail has made the sector a leader in adopting data-driven strategy.

Credit card gambling ban: government to meet banks and bookies

IT Governance

In its review of online gambling last year, the Gambling Commission said it would also consider “whether gambling on credit should continue to be permitted” as it “increases the risk that consumers will gamble more than they can afford”. It found that between 10 and 20% of gambling deposits are made with money that consumers don’t actually have, so if the use of credit cards is restricted or prohibited, billions of pounds’ worth of bets would be affected.

Top 10 Data Governance Trends for 2020: Data’s Real Value Comes Into Focus


Understanding the data governance trends for the year ahead will give business leaders and data professionals a competitive edge … Happy New Year! Regulatory compliance and data breaches have driven the data governance narrative during the past few years.

List of Data Breaches and Cyber Attacks in March 2021 – 21 Million Records Breached

IT Governance

Don’t be fooled by the fact that we only recorded 20,995,371 breached records in March; it was one of the leakiest months we’ve ever seen, with 151 recorded incidents.

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. Third-party governance. Additionally, Forrester named it a Contender in its Q1 2020 GRC Wave.

Croatia government agencies targeted with new SilentTrinity malware

Security Affairs

Croatia government agencies have been targeted by unknown hackers with a new piece of malware tracked as SilentTrinity. A mysterious group of hackers carried out a series of cyber attacks against Croatian government agencies, infecting employees with a new piece of malware tracked as SilentTrinity. The SilentTrinity malware can take control over an infected computer, it allows attackers to execute arbitrary commands.

How Lush could have protected its till system

IT Governance

In November, Lush – the high-street store known for its fragrant, eco-friendly beauty products – temporarily lost the ability to take card transactions after a member of the IT team “deleted the till system by accident”. However, although it has not been confirmed, it’s highly likely that Lush’s takings were hit hard by its inability to process card payments. Determined if this was within its risk assessment criteria.


The Local Business and Government Digital Marketing Dilemma — Top Eight Strategies in Virginia Emerging Into the Post-COVID era 2021

Interactive Information Management

Yes, you may freely use the platform for your own communications purposes — but it’s not a garden walled from publisher-owner influence or governance, at all. Setting aside brick-and-mortar retail for a while more).

#ModernDataMasters: Nicola Askham, The Data Governance Coach


Nicola Askham is the leading data governance training provider in the UK with over 16 years of experience and research in the field. She delivers training and consulting to major organisations to help them implement full data governance frameworks. Nicola’s powerful methodology breaks down the data governance initiative into logical steps to implement a framework that suits each unique client. ” However, I got into data governance totally by accident.

Data Governance and Business Transformation


Collibra organized a Data Governance and Business Transformation seminar in Paris recently, bringing together data managers from the financial, retail, transportation, and logistics industries. During the seminar, Collibra and Data Citizens presented some findings and current developments regarding digital transformation: Henry Peyret, Principal Analyst for Forrester, proposed an analysis of the role of data governance in the digital transformation of companies.

UK ICO Issues Unprecedented Fine Against Mobile Phone Retailer for Lax Security

Hunton Privacy

On January 8, 2017, the UK Information Commissioner (“ICO”) issued an unprecedented monetary penalty of £400,000 against British mobile phone retailer, The Car Phone Warehouse Limited. Following an attack on their system in 2015, the ICO found that the company had failed to take adequate steps to protect the personal data it held on its system. In its decision, the ICO meticulously detailed the chronology of events and technical failures that led to the breach.

California IT service provider Synoptek pays ransom after Sodinokibi attack

Security Affairs

Synoptek, a California-based IT service provider, decided to pay the ransom to decrypt its files after being infected with the Sodinokibi ransomware. The IT service provider confirmed the attack but did not comment on whether it paid the ransom asked by the crooks. “On

Robot receptionists aren’t the answer: Why the hotel industry should rethink its approach to smart technology

IT Governance

It therefore makes sense that organisations plough whatever resources they have into addressing these concerns. Smart technology, by contrast, is defined by its lack of guidelines. Its appeal is in its originality, so those wanting to implement new ideas need to invest in the concept and ride out the teething problems. It’s therefore not a case of what can organisations afford but what’s going to give them the best return on investment.

Trusted Customer Engagement with Data Governance and Privacy by Design


Examples include organizations driving disruptive innovations in retail (Amazon), transportation (Uber), hospitality (Airbnb) and entertainment (Netflix). California has enacted the CaCPA, and in July, the European Commission and the Japanese government published a joint statement on international transfers of personal data. Comprehensive enterprise data governance fuels strategic business initiatives, drives privacy and protection, and supports regulatory compliance efforts.

Reltio Cloud – Your Key to a Successful SAP S/4HANA Migration


And why can’t they resolve it themselves?” “It’s the sheer mental fatigue and they can’t think anymore. Let’s sit somewhere and talk about it for a bit, maybe I can offer some advice.” “But to do that, you need to think a little differently, and improve the efficiency where it matters, especially when it comes to your master data.” It’s at the heart of this whole thing as I said earlier.”

Iran-linked APT33 updates infrastructure following its public disclosure

Security Affairs

The Iran-linked cyberespionage group APT33 has updated its infrastructure after the publication of a report detailing its activities. Now, according to researchers from Recorded Future, since the publishing of the report, APT33 (aka Elfin) has updated its infrastructure. The experts at Recorded Future speculate that one APT33 actor, the Nasr Institute, is part of a tiered structure of the Iranian government cyber operations apparatus that also includes APT35 and MUDDYWATER.

#ModernDataMasters: Mike Evans, Chief Technology Officer


It became apparent very quickly that a lack of focus on data was the root cause. If there’s one lesson I’ve learnt, it’s that you can’t cut corners in MDM. It is as much to do with changing the culture of a company and embracing the value of data, as it is about technology or process.” How would you define “modern” data management and what does it/should it mean for organisations that adopt it? Prioritise people, process and governance.


Lessons from the Eurostar hack

IT Governance

Last month, cross-Channel rail service Eurostar discovered that it had suffered a hacking attempt between 15 and 19 October 2018. Once Eurostar realised it had suffered a data breach, it: Identified the timing and the scale of the breach; Blocked access; Emailed customers alerting them to the situation and advising them to reset passwords; and. Eurostar actively ensures that its customers’ financial details are never stored – meaning no one can ever access them.

Retailer Sued over Allegations that Background Check Consent Form Includes Extraneous Information

Hunton Privacy

As reported in the Hunton Employment & Labor Perspectives Blog: On November 2, 2015, a putative class action was filed against retailer Big Lots Stores, Inc. In fact, Big Lots is fighting another, similar putative class action that was filed against it earlier this year in Illinois. Failure to comply with the FCRA can result in state or federal government enforcement actions, as well as private lawsuits.

The Ocado fire – when disaster recovery becomes real

IT Governance

Not only was its robotic warehouse devastated, but the news that its deliveries would be compromised resulted in the group’s share value plunging. Although share prices showed signs of recovery within a couple of days, more than £1 billion was wiped off the stock market value of the firm, as investors worried that retailers may be less keen to buy into the automated warehouse technology having seen that there is a potential vulnerability.*


JavaScript keylogger sees Vision Direct’s customer data stolen

IT Governance

Contact lens supplier Vision Direct has released information about a data breach it suffered earlier this month. was compromised,” said a statement on its website. It’s not clear how many people are affected, but the compromised data includes: Full name. It claims to have fixed the issue with its website. That’s exactly what it was.

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

Late last year, Atrium Health disclosed it lost sensitive data for some 2.65 I was cognizant of these complexities when I sat down with Mike Jordan to learn more about the member-driven Shared Assessments Program, which finds itself in a unique position to help stem the tide of rising third-party cyber risks – and one day, perhaps, even help to reverse it. It was a natural step to expand and evolve these protocols and tools, and to invite companies from other sectors to participate.


Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

Compared to its predecessors, the sixth “Hi-Tech Crime Trends” report is the first to contain chapters devoted to the main industries attacked and covers the period from H2 2018 to H1 2019, as compared to the period from H2 2017 to H1 2018.

Shopping safely over Black Friday and Cyber Monday

IT Governance

Black Friday and Cyber Monday are almost upon us, kickstarting what retailers hope will be a successful trading period. Although the UK was slow to adopt Black Friday (which falls on 23 November this year) and Cyber Monday (26 November), the country is now fully on board with the fantastic savings and unbeatable offers it promises. If an offer seems ‘unbelievable’, it probably is.


FINRA Issues 2021 Report on its Examination and Risk Monitoring Program

Data Matters

Released on February 1, the Financial Industry Regulatory Authority (FINRA) 2021 Report on its Examination and Risk Monitoring Program (Report) provides a roadmap for member firms to use to prepare for examinations and to review and assess compliance and supervisory procedures related to business practices, compliance, and operations. In its recent exams, FINRA has found many instances of firms making misrepresentations related to cash management accounts and digital assets.

Morrisons loses data leak appeal

IT Governance

Supermarket giant Morrisons has lost the latest round in the legal battle for compensation by thousands of its staff whose personal details were leaked on the Internet. Morrisons sought to reverse the December 2017 ruling of what was the UK’s first class action data breach case, saying it could not be held directly or vicariously liable for the criminal misuse of the data, and that any other conclusion would be grossly unjust. It’s a risk that no organisation should take.

The PCI SSC’s new software security standards – what you need to know

IT Governance

In the interim, all current payment applications will continue to be governed under the PA-DSS programme until the expiry date for those applications is reached. The PCI SSC is the governing organisation responsible for the development, management and awareness of all PCI security standards, including the PCI DSS (Payment Card Industry Data Security Standard) which exists to decrease payment card fraud across the internet and increase payment card security.

BA data breach: 565,000 customers may have been affected

IT Governance

In September, British Airways announced it had suffered a data breach that compromised the personal and financial data of more than 380,000 customers. This revelation is an additional blow to the airline: not only did it suffer a breach but it also didn’t fully realise the extent of the attack. BA insists that there haven’t been any instances of fraud attributed to the breach, although it’s possible that fraud simply hasn’t been identified or officially reported yet.

Card Factory allowed customer photos to be exposed publicly

IT Governance

Card Factory, the UK-based gift shop and greeting card company, inadvertently made customer photos publicly available on its website. When he uploaded his photo to the organisation’s website, he found it was stored in an insecure way, and that he could access any user’s photos. It’s fairly common and totally unacceptable.” According to Mashable, Card Factory became aware of the error on 8 October 2018 but didn’t immediately rectify it.