Every LP trade show we attended this year featured one or more presentations on data security. In this edition of the magazine, we are adding to the conversation with several articles.
The cover story entitled “Building a New Defense Team” features interviews with several experts who presented at the National Retail Federation’s (NRF) LP conference in June as well as others involved in cybersecurity. Jac Brittain’s article discusses a number of issues important to retailers who may or may not have a strong information-protection plan in place.
Another feature article, “The Challenges in Dealing with Data Breaches” on page 39, includes excerpts from a cybersecurity panel discussion at the Retail Industry Leaders Association (RILA) asset protection conference in April. The panel included experts from both the private and public sectors who offered frank suggestions for preparing for data breaches and responding to them “when, not if” they occur.
In our second edition of a new Ask the Expert column on page 48, we had a Q&A with Paul Murray of Wontok, Inc. to get his perspective on building a relationship between LP and IT.
All of these presentations and articles underscore how retailers should be partnering internally to build a data-protection plan similar to the disaster recovery and business continuity plans that most retailers have had in place for years. The panel discussion included a representative from the Secret Service who also emphasized the importance of partnering with law enforcement before a data breach.
You may be asking why loss prevention professionals should be reading about information security, which is typically the responsibility of the IT department?
LP can provide a great deal of expertise to the corporation when it comes to data security. LP already has strong law enforcement partnerships on the local, state, and federal levels that can be leveraged for data security. LP already has strong physical protection experience that can be leveraged for protecting the physical assets where data resides in stores and headquarters. LP already has strong investigative skills to help determine how and why a data breach occurred. Finally, LP already has experience in writing or assisting in the planning and training for many corporate risk-management issues.
All of this LP experience should be leveraged by retailers to ensure they have the best data-security plan in place no matter on whose desk the final responsibility lies. In my observations of LP practitioners over the past twenty-plus years, LP departments have continually offered added-value to their corporations in multiple ways. Data security is another way LP can…and should…play an integral role in the retail organization.
I suspect that many of our forward-looking LP executives are already involved. We would love to hear from those who could provide insights to our readers on how they have gotten involved and suggestions for ways to add value to the organization. If you are someone who is already contributing to your company’s data-security program, please contact us. We would love to add your voice to this discussion.
If you are not involved yet, contact your IT peers to offer your expertise.