Cybersecurity in retail and smart cities

Cybercrime is nothing new. The threats that accompany society’s increased digitalization have been explored in alarmist articles, science fiction movies, and everything in between for decades. But that doesn’t mean the need for robust cybersecurity isn’t real. Digital enhancement brings increasing digital risk. Stringent provisions are more necessary now than ever.

Cybercrime’s prevalence—and its cost—are in rapid ascendance. The UN reported that cybercrime skyrocketed by 600% during the pandemic, a result of an almost overnight reliance on digital working, shopping, and communicating through a period of physical detachment. There was a 10% increase in the average total cost per security breach from 2020 to 2021, while a McAfee report estimates that the global cost of cybercrime has now reached over US$1 trillion.

The need for vigilant cybersecurity measures is paramount. The retail sector has proven especially vulnerable. Trustwave reports that retail is on the receiving end of 24% of all cyberattacks, more than any other industry.

Retail’s reliance on mixed technology—pairing old point-of-sale systems like cash registers and in-store purchases with cloud-based e-commerce and administrative systems—makes it an ideal target for hackers. On top of that, retail’s customer data tends to be high value, often consisting of credit card details, phone numbers, and security questions and answers. The industry’s high staff turnover rate of also makes it vulnerable. 64% of retailers report attempted attacks each month, with the cost of a hack to an e-commerce site currently averaging $4 million. In 2020, cyberattacks cost online retailers a remarkable £5.9 billion in the UK alone.

But the problem is not limited to e-commerce. Brick-and-mortar retail stores are at enormous risk too. In fact, part of the reason physical stores have become an easy target for cybercriminals is that in-store management is often inattentive, presuming that such attacks only take place online.

That may have been true at one time, but many physical stores today are increasingly reliant on Internet of Things (IoT) devices. IoT solutions offer extraordinary benefits in-store—indoor navigation, presence detection, and preventive maintenance, to name but a few. But if not properly secured, increased digitalization can leave retailers exposed.

Equally vulnerable are smart cities. To thrive as intended, smart cities rely on a complex and interdependent network of devices, platforms, systems, and users, all contributing vital information that helps keep the engine running. But to be reliant on so many moving parts can leave gaps—exposed areas that bad faith actors know how to exploit.

A key challenge for smart cities is integration and coordination. Cities are often made up of multiple municipalities, each of which typically has a different set of capabilities, different priorities, and different approaches to technology management. Increased communication among smart city stakeholders is vital for confronting cybersecurity threats.

Some steps have already been taken to address such concerns. Over fifty civil society and industry representatives support the Multi-Stakeholder Manifesto, launched in 2021. The manifesto warns that cybercrime “poses new risks to human security, dignity, and equity” and that “no single actor can adequately counter them on their own.” It proposes a multi-stakeholder approach that puts protecting victims at the top of its agenda.

“Governments around the world have long abused cybercrime measures and used cybercrime legislation to expand state control and criminalize the publication and dissemination of unwelcome content, to impose mass surveillance and curb privacy in the name of fighting terrorism,” the authors note.

To effectively battle cybercrime, cooperation is required on a regional, national, and international level. Fractious regional and transnational relationships and opaque data management practices only fuel cybercrime’s rise.

The emergence of intelligent networks made up of billions of connected devices across a range of sectors has created a whole new world of vulnerabilities for cybercriminals to exploit. Some of the most common cybercrimes are phishing scams, ransomware, data breaches, distributed denial-of-service (DDoS) attacks, and supply chain disruptions. Cybersecurity must continually innovate and adapt to confront a diverse and ever-evolving range of threats.

As such, many new solutions have presented themselves. WISeKey has emerged as a vital authentication and identification partner, while Darktrace employs AI as a tool of defense—preventing, detecting, responding, and recovering from cyberattacks at the very same time.

Meanwhile, Li-Fi adoption grows every year. Because it’s line-of-sight, Li-Fi is more secure than Wi-Fi—it won’t leak through walls or even windows with the blinds closed. Additionally, it can be paired with high-quality lighting within the same luminaire.

57% of large and midsize businesses cite security concerns as the top barrier to further IoT adoption. But the real issue is not the IoT or the systems that use it: it’s companies and systems that use the IoT without making sure that robust cybersecurity measures are implemented and managed properly.

The top tech companies in the world have pledged billions of dollars to strengthen cybersecurity and train skilled cybersecurity workers, an action that speaks to how seriously they are taking the threat.

But cybersecurity is an issue that covers the whole spectrum of society. As Google’s global affairs chief, Kent Walker, said upon announcing the measures, “Robust cybersecurity ultimately depends on having the people to implement it.” So it makes sense to partner with a reliable expert in the field that is always keeping an eye on the latest threats and the evolving solutions that exist to counteract them.

Just as one would feel responsible for the security of a guest in their home, so companies should feel responsible for those navigating their website, store, or purchasing their products. Investing in the best in cybersecurity is the only way to keep people—and their data—safe.