The NRF PROTECT conference and expo was back in person at Cleveland’s Huntington Convention Center, June 21-23, 2022. The conference, which covers the ever-merging fields of loss prevention, digital fraud, and cyber risk, featured retail security executives from across the country as well as 200 exhibitors, seeking solutions and partnerships to address challenges in cybersecurity, organized retail crime, and more.
As these issues emerge in a variety of ways, executives must develop new modes of establishing effective leadership and new methods of collaboration to stay ahead of these challenges.
Retail Security Cannot Be Protected in Silos
New threats demand fresh response strategies. When you want to fix an issue effectively, it’s often best to get a different perspective, said John Matas, director of global fraud, risk, and compliance operations at Etsy Inc. Most IT teams think of technical responses to problems but there’s power in information sharing and understanding the skillsets of everyone in your organization.
For example, the C-suite aims to solve big problems and is future-focused on what a challenge means for the brand. When talking to them, it’s important to craft messages in short bursts and talk in their language so they can be on board and apply strategies effectively, said William Evanina, founder and CEO of The Evanina Group.
Retailers need to have conversations in advance with their general counsel and leadership to develop a response plan in case of cyberattacks and other catastrophes to ensure the team has all the information it needs. That includes a timeline process, how to report incidents, and who has the authority to effectively distribute information, said Erin Joe, senior vice president of strategy and alliances for Mandiant. Jodie Kautt, vice president of cybersecurity at Target, agreed that retail security should be treated as a joint effort—the retailer recently blended its cybersecurity and fraud functions, establishing a more coordinated team to assess retail risk and protect its business.
Understand Retail Crime’s Many Sides
According to NRF’s 2021 National Retail Security Survey, more than two-thirds of retailers said the pandemic increased the overall risk of organized retail crime for their organization because it attracted enterprising retail criminals. ORC groups are becoming more sophisticated and are expanding across the United States. Goods are being exported and are ending up back in the supply chain to be sold by reputable retailers. Some groups have even attempted to open their own stores full of stolen merchandise.
Challenges in combatting ORC include inconsistency in its definition and the ease of resale from the increase in online marketplaces. It can also be difficult to prove that an item online has been stolen, said Brian Cairl, senior managing director of K2 Integrity. Retailers must find a way to standardize how ORC is prosecuted to assist law enforcement.
Leadership Requires Controlled Concern
Being a subject matter and technical expert is pivotal to getting the job done, but emotional intelligence and the ability to stay controlled and pivot are skills that can be practiced ahead of time and kick in quickly during challenges.
Stresses from the pandemic, the economy, and more are starting to manifest, and it’s important to learn to identify and address the behavior instead of the person. The quickest and simplest way to solve issues during a crisis is by listening, said Evy Poumpouras, former Secret Service agent. Seeing early signs and helping divert tragedies like a mass shooting could require situational empathy like asking someone how they are doing and active listening when behavior may be out of character, said Jillian Peterson, author of “The Violence Project: How to Stop a Mass Shooting Epidemic.”
Emotional intelligence can even be applied to emotionless tech. Cyber leaders understand that assessing risk varies across systems in retail; Albertsons’ Jack Hamm, cybersecurity CTO, and Chad Walker, director of the portfolio information security office, recommend focusing on patterns and processes over perfection to effectively maintain operational tech.