Click to learn more about author Tom Callahan.
Over the past year, the COVID-19 pandemic has all but silenced any remaining doubt regarding the importance of digital transformation – a truth that is evident across virtually every aspect of how the world now works, shops, and lives. Retailers, and convenience stores (c-stores) in particular, had to accelerate their technology strategies and adopt contactless payment, home delivery, and curbside pickup processes. And they had to do all that in addition to deploying a wide range of edge devices like point-of-sale (POS) systems, tank gauges, digital displays, self-service kiosks, and more.
Although these connected technologies turned out to be a boon for both customers and c-store operators from a convenience and safety standpoint, there has been a significant tradeoff. C-stores are now increasingly vulnerable to cybersecurity threats.
In fact, network and data security has risen to the top of most IT priority lists. Here’s why and here’s what c-stores can do to help fortify their defenses.
Increasing Adoption of Mobile Payment Technology
In an effort to enable shopping and purchase convenience and limit face-to-face contact, c-stores continue to increase their adoption of mobile payment technology. According to PWC’s 2021 Global Consumer Insights Pulse Survey, 45% of consumers said they were using their mobile phone more last year as a shopping channel since the COVID-19 outbreak.
Likewise, findings from the 2020 C-Store Shopper Report show that 39% of respondents said they used their loyalty program’s mobile app to pay for purchases. This supports a historic prevailing trend among many c-stores that were already offering or working toward offering consumers the option to pay with a private-label debit card through their mobile devices.
Adding to that, 5G technology offerings continue to expand, driving mobile adoption. And, while this new technology, combined with better performance – including greater data capacity, lower latency, and precise location sensing – has significant implications on the c-store customer experience, it also presents new security risks.
More Aggressive and Persistent Hackers Exploiting Weaknesses
As c-stores focused on keeping their shelves stocked, customers happy, and businesses going, hackers were becoming increasingly aggressive in their efforts to find and exploit security weaknesses. VMware’s first cybersecurity threat survey conducted in 2020 showed 92% of respondents in the U.S. stated the number of cyberattacks had increased in the last 12 months. A supplemental survey then found that a staggering 89% had been targeted by malware directly related to COVID-19. So, why were c-stores a primary target?
Topping the National Association of Convenience Stores (NACS) list of major issues affecting the convenience industry are data breaches and payment security. After malware attacks, data breaches at major convenience store chains often go unnoticed for months, during which time huge amounts of sensitive customer data can be compromised or stolen.
Additionally, as numerous c-stores accelerated their digital transformation journey last year, often more rushed than desired, they also became more exposed to hackers. This was largely due to the increased number of network edge devices. While more business is taking place at the edge, and the need for edge technology is growing exponentially, those operations are often being managed locally by an individual whose core competency is not IT. This opens the door to the potential for configuration mistakes and other human errors. As a result, c-store operators are facing even greater pressure to ensure that their security measures account for this higher risk exposure.
What’s a C-Store to Do?
Right from the start of the pandemic, the U.S. government designated c-stores as essential businesses. Almost a year later, retailers remain on the front lines grappling with how to best support their employees, serve their customers, and confront the security implications of ongoing market disruptions. Fortunately, most security risks can be mitigated by taking a few straightforward steps.
Becoming a hyperadaptive business is the best place to start. To do this, c-stores need a technology infrastructure that is flexible and resilient enough to allow for the unexpected. C-stores (and really all types of retailers) should consider SD-WAN technology along with Managed Detection and Response (MDR) services that can provide ongoing visibility to hackers and unwanted attacks.
SD-WAN technology can reduce the number of network devices and connections needed at each remote site, while significantly lowering network complexity, cost, and risk. MDR services can also provide a more cost-effective, individualized approach to securing an otherwise highly vulnerable business infrastructure across the entire supply chain.
In one sense, 2020 was really no different than previous years. Corporate offices of even the largest and most recognized organizations around the world were unable to provide onsite IT professionals to staff and support each of their remote locations. What was different, however, was the sheer amount of technology transformation required – virtually overnight – and the level of vulnerability these changes introduced.
Suffice to say, the c-store industry quickly learned some valuable lessons. At the forefront was the realization that security cannot be viewed as a “next step” on any action plan. Instead, security must be elevated to a higher level of criticality if any c-store wants to ensure both their customers and businesses are adequately protected.
While the c-store industry will inevitably continue to experience disruptions and market shifts, it’s safe to say that the current state will remain its “new normal” for quite some time. The pandemic has permanently changed the way we work, shop, and live. To remain competitive, c-stores must transform digitally to meet current and emerging customer demands. The most savvy business operators will focus on investing in innovative and proven technologies, as well as partnering with trusted vendors and consultants. As a result, they’ll be well positioned to continue optimizing the customer experience while growing their business, reducing risk, and protecting their valuable data and assets.