Digital Risks (Part 1)
The technology industry is advancing at a rapid pace with constantly evolving digital technologies at every turn. With high-speed advancement comes various emerging risks to numerous connected industries such as finance, e-commerce, and retail. The top five technology risks to various industries are e-commerce online security risk, product warehousing and logistics risk, data breach, cybersecurity risk, and technology vendor and third-party risk.
DIGITAL TECHNOLOGY RISKS
#1: E-COMMERCE ONLINE SECURITY: RISK TO E-COMMERCE INDUSTRY
- E-commerce Online security is a unit of protocols that ensure e-commerce transactions are secure. Thus, strict security requirements must be kept in place to safeguard e-companies from all kinds of cyber threats.
- There are instances when fraudulent e-commerce transactions take place. Web-based retailers do not have the means to physically verify the validity of the customer's card or verify if the customer is an authorized individual by requesting his/her driver’s license. E-commerce fraud can be committed in various ways such as using a stolen card for purchasing items, placing false claims of undelivered items, or hacking the merchant's system.
- If this risk takes place, it may lead to phishing, which is a fraudulent attempt to acquire sensitive information like customers' credit card details, usernames, and passwords. An unprotected online service can lead to data errors, credit card fraud, and hacking.
- The probability for this risk to occur is high since a survey conducted by OnePoll study found that 87% of individuals believe that they are not likely to purchase from an e-commerce business that has poor online security.
- Potential countermeasures include a multilayered security system installed on the e-commerce platform, a thorough monitoring system that checks each transaction from ordering to delivery, request users to place strong passwords for their accounts, and attain a trust mark with SSL certification.
#2: PRODUCT WAREHOUSING AND LOGISTICS: RISK TO E-COMMERCE INDUSTRY
- Operations of e-commerce warehouse operations and logistics is a challenging task. If it is not done properly, it may lead to increased expenses and a waste of time, which in turn would decrease customer satisfaction by a large margin.
- If the e-commerce inventory is not monitored with suitable tracking software, then businesses would end up running out of stock when orders come in, delay in shipment, and shipping products to the wrong recipient.
- According to Smart Insights, over 48% of shoppers factor guaranteed delivery dates to be an important aspect when checking out online. This suggests that the probability of the risk to occur is medium.
- Potential countermeasures include installing an inventory management software that automatically monitors and updates across all platforms, ensuring a suitable tracking software is in place, and ensuring the proper use of a barcode scanner to speed the process.
#3: DATA BREACH: RISK TO RETAIL INDUSTRY
- An attack on an e-commerce store or payment processing system can cause damages resulting in massive tech bills and several frustrated customers. Sensitive information has always been at risk of being stolen at a physical store or online.
- Hackers can steal sensitive data online by accessing the payment processor's system that is insufficiently protected or by "intercepting transaction data during transmission to or from the merchant services provider".
- It was found that most retail industry data breaches were made by hacking stores that utilized point-of-sale technology. Updating the e-commerce store's technology can prove useful in preventing some hacks.
- Acquiring a Data Breach Insurance can help online stores safeguard sensitive information from being stolen, prevent hackers from getting through their system and limit the damage of a security/cyber attack.
- According to Thales 2018 Data Threat Report, 75% of retail businesses have experienced a data breach during the period 2017-2018 while 52% of them have experienced it during 2016-17. These figures are found to have exceeded the global average.
- The probability of this risk occurring is high since statistics show that data breaches have doubled in 2018 alone as compared to 19% in 2017. The retail industry was found to have faced the second-highest data breach.
- Retailers like Best Buy and Sears got affected by the data breach issue in 2017. Retailers that were affected in 2018 include Panera Bread chain of cafes, Adidas, and Macy's.
- Potential countermeasures include updating old technologies with more advanced systems that can prevent hackers and safeguard the internal infrastructure and obtaining Cyber Liability Insurance. The insurance will enable e-commerce businesses to prevent customer identity theft and reduce the damage of an attack on the system.
#4: CYBERSECURITY RISKS: RISK TO FINANCIAL INDUSTRY
- The risk of cybersecurity is currently the most extensive IT risk known in the financial services industry. It refers to the risk accepted by a financial establishment to keep digital information safe and private from theft, misuse, or damage.
- The risk arises due to various internal and external factors such as the lack of user privilege segmentation, missing transaction controls, weak password policies, and insufficient logical access controls.
- In 2018, the Canadian Imperial Bank of Commerce and Bank of Montreal, two of the largest banks in Canada, claimed that hackers stole the financial and personal information of over 90,000 customers.
- The probability of this risk occurring is high because cyber risk in the form of degraded or disabled systems, destroyed files, compromised accounts or data theft is considered to be some of the top-of-mind risks these days.
- The risk of cybersecurity can be mitigated in numerous ways. It is important to ensure that the appropriate controls are installed across all business channels. The different divisions in a company, especially the finance department must ensure that access to sensitive information is not granted without proper authorization.
#5: TECHNOLOGY VENDOR AND THIRD-PARTY RISK: RISK TO FINANCIAL INDUSTRY
- The financial industry has a large business ecosystem that is made up of software providers, information technology providers, management consulting firms, outsourcing firms, human resources firms, accounting firms, and legal organizations.
- A failure in addressing emerging risks to internal management processes in financial institutions such as banks can lead to systemic and operational threats.
- Economist Intelligence Unit conducted a survey with 400 C Suite executives from leading banks around the world that revealed that over 71% of banks are currently focusing most of their digital investment on safety and cybersecurity while only 17% of them are considering the risks from third-party relations due to open banking.
- According to the survey conducted by BitSight, over 97 % of respondents claimed that cybersecurity risk that affects third parties is a major concern. It was also revealed that over 80% of those surveyed have claimed to terminate a business relationship because of a vendor's cybersecurity performance.
- The probability of this risk occurring is high because managing third-party cyber risk has become the top concern for businesses, according to the vice president of Communication and Government Affairs at BitSight, Jake Olcott. He states that although the financial sector is taking working on managing the risk, key aspects such as effective board reporting and continuous monitoring systems are still lacking in safety.
- An important countermeasure for this risk is the development of a risk framework that takes advantage of the benefits of digital transformation. This can be done by the financial industry collaborating with various technology suppliers and regulators, both cross-border and domestic.
- There must be a proper system of safeguarding data placed at the "core of sustainable digital finance". It is also essential for fintech component solutions to be integrated and reviewed in the system's supply chain.
We began our search by looking at the top technology risks across various industries such as Retail, Loyalty, e-commerce, Sales Transactions, and Finance in industry-specific websites such as SmartInsights, Floship, and Insureon. The articles and reports found enumerate the various risks associated with technology across several industries. We then filtered the information based on technological risks associated with industries such as retail, e-commerce, and finance.
Next, we looked for industry surveys and reports published by market leaders such as Deloitte. The surveys and reports obtained contained information on various technological risks associated with specific industries such as e-commerce and finance. After an extensive search through these channels, we were able to determine the risks that businesses across various sectors are most concerned about. We ensured that each risk identified has been stated as a major risk by business leaders and C-Suite executives of major companies.
Information regarding the potential impact and the probability of occurrence was found based on surveys conducted and statistics/data on risks that have already been faced by companies such as Sears, Best Buy, Macy's, and Adidas.