Retail CISOs Take on More Risk to Foster Innovation

CISOs in consumer and retail organizations appear to accept greater risks to allow for more innovation, which could be a model for future growth.

Chief information security officers (CISOs) have long borne the reputation of blocking innovation to keep their organization and all its data safe and sound.
However, those competing priorities appear to be shifting, especially in the retail and consumer sectors. While the majority of CISOs (59%) across all sectors see themselves as enablers — as opposed to just managers of cyber-risk — nearly all (97%) CISOs in the retail segment view their role as an enabler, according to
a survey of more than 1,000 global CISOs
conducted by cybersecurity firm Netskope. As a result, CISOs acceptance of risk has grown, with the majority of all CISOs ready to take on more risk compared with five years ago. For the retail sector, the share of risk-embracing CISOs is even higher (74%).
The pressure on companies to innovate — and CISOs understanding of their role in making that happen — are driving CISOs to become risk-takers, Netskope CISO James Robinson says.
Typically, you had someone who was really, really technical, and they were working through things, but they really didnt have that business side of the brain — knowing the business metrics and data, he says. CISOs have moved from the need to say no and maybe even taken it a step further — saying the answer is always, Yes, just how do we get there?
From
gift-card scams
to
brand hijacking for phishing attacks
to
devastating ransomware
, retailers are a popular target for cybercriminals and fraudsters. At the same time, the retail sector has had to weather the chaos caused by the pandemic and supply-chain disruptions, which led to demand fluctuations and a loss of brand loyalty. The subsequent spike in inflation over the past two years left many consumers prioritizing price. Most retail executives (67%) expect consumers to purchase fewer products in 2024, and so retailers are increasingly focused on winning loyalty, according to
consultancy Deloittes 2024

US Retail Industry Outlook report
.
With all those disruptive forces in the market, retailers have had to transform themselves to compete, morphing from just focused on selling products to becoming data companies. Consequently, CISOs at retail companies can no longer afford to focus solely on putting a wall around their information, says Netskopes Robinson.
Like other members of the C-suite, CISOs have to be thinking about the business more holistically, Robinson says.
Retailers now have to ask, Whats the next innovation? Whats the next thing we have to do? he says. And all of those decisions are data driven ... theyre being led by this wealth of data that theyre collecting, so that they can have targeted experiences for their customers.
Artificial intelligence is one obvious way to innovate. A great deal of the pressure to change over the past two years has come from the development of AI capabilities and businesses fear of missing out on any innovations — and competitive advantages. In-store cameras paired with AI analysis can determine consumer interest in products, ecommerce platforms can better predict inventory, and stores can even use recognition of facial expressions to gauge consumer sentiment.
While most companies have slowly tested the waters of AI, many will be putting their first AI-powered applications into product in the next 12 months, Robinson says.
This is the first year also that were really seeing GenAI projects kick off, and in the next year, well start to really see kind of the value of some of these projects, he says. So I think thats probably whats shaping it even more.
Yet, AI and cybersecurity are two technology areas that are least likely to have positive returns on investments for retailers, according to
consultancy KPMGs 2023 US Consumer and Retail Sector Insights Report.
Only 46% of survey respondents noted an increase in profitability or performance due to AI — and 45% from cybersecurity. But the consumer and retail sector fell even short of that threshold, with 38% and 37% of respondents, respectively, in those industries seeing a return on investment from AI or cybersecurity.
For many consumer and retail organizations, getting data right is still a work in progress, KPMG stated in the report.
Understandably, there are still some risks where CISOs are unwilling to compromise. Sharing information with outside parties or third parties without the proper review and without the proper agreement in place — a threat becoming more common in the era of AI — is just not possible, says Robinson.
We knew how to data warehouse, and its got business value — even more now with the development of GenAI, he says. I think all of those things have kind of started to come together at this point, allowing the retail CISO to really have a leg to stand on. Now they just also have kind of the business knowledge, because theyre being brought into more of these conversations at this point.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Retail CISOs Take on More Risk to Foster Innovation