RAFAEL RODRIGUEZ: Cyber crooks are racing ahead of businesses’ security plans

We are going to see businesses clamber to run an even more competitive race to attract, retain and grow their customer bases in 2022. The role of digital to advance analytics and make better operational decisions, increase performance and optimise core processes, will similarly accelerate.

The online expectations of consumers — whether business to customer, or business to business — are huge. Online interactions with clients can target anyone, anywhere in the world, and are relevant in a way not possible a decade ago. But SA businesses and our broader economy face significant risks that we must overcome if we’re to gain from the promises of a multidimensional and digitally transformed world.

While online experiences are becoming more seamless and functional for consumers and businesses alike, cybercriminals are leapfrogging ahead. In its recent African Cyber Threat Assessment Report, the International Criminal Police Organisation (Interpol) highlighted just how serious the threat is for Africa, including SA. Alarmingly, more than 90% of African businesses are operating without the necessary cyber security protocols in place. Between January 2020 and February 2021 the report cites 230-million threat detections in SA alone (including email, files and web threat detections). Most startling, it found that SA has the third highest number of cybercrime victims worldwide!

A key component in the marriage between an optimum customer experience and digital transformation solution for broader growth, is the availability of data and innovation in data analytics and artificial intelligence. There is a significant challenge and risk associated with the expanding prevalence and innovation in customer experience and digital transformation journeys: the more data that is available on more platforms, whether for individuals, businesses or governments, the more opportunity for cybercrime.

One of Covid-19’s many consequences has been to expedite digital transformations, and related improved customer experience, for many businesses. During the pandemic many retail and corporate customers moved online for a number of goods and services. As customers increased their digital shopping footprint, the knock-on effect for companies with an online presence was the need to provide more convenience and a more personalised experience to this new market.

For all of us who shop on an online platform the benefits of improved customer experience and digital transformation are immense. I can, for example, view the grocery products I most frequently purchase on my online delivery grocery app and much of my shopping list is right there. Although this sort of personalisation geared towards providing an experience tailored to preferences can be immensely time saving for the end user, the data associated with these advances is an enormous cyber security and customer trust risk.

Every business offering a new online customer experience must include in its strategy how its technology integrations will be managed to meet cyber threats without expense to customer convenience. Zooming in on the ways these cybercrime threats materialise, ransomware attacks and data breaches have been primary sources of cyber security issues and are particularly relevant to companies gathering data for improved customer and digital initiatives. Ransomware essentially locks users out of their data/systems following which cyber criminals demand a ransom to release systems or data back to the owner — often threatening to release the information to the public.

In other cases, cyber criminals will steal data (known as a data breach) with the aim of selling it, leading to identity theft, fraud and financial losses for victims, who in many cases may be customers of a business that has been attacked. As a result, this has a   significant effect on customer experiences and will also cost organisations its brand reputation and revenue. These real and constant risks make it imperative for organisations to continuously invest in cyber security to prevent not only any negative customer experiences but uphold their brand reputation. With the threat from online attacks increasing, those businesses that take data protection seriously will no doubt see increased customer loyalty and retention, while those that don’t will incur immense liabilities and public outrage. 

Businesses that have gone through rapid, pandemic-panic-driven digital transformation may well be asking whether their current systems and procedures can withstand this significant threat and what else they can be doing. The good news is that there are three things SA businesses can start doing to guard against cybercrime threats:

• First, a review of data collection from all digital and physical touchpoints should be conducted. A key question here would be whether all fields of data collected are legally or commercially required, and whether excluding any unnecessary data may harm customer experience overall.
• Second, improving encryption practices and cloud storage security is vital. This is especially important when clients are led to payment gateways. Part of this includes ensuring that security software is updated on a regular basis. Malware protection should be regularly reviewed and critically analysed to make sure it is up to dealing with current or expected threats.
• Finally, a regularly updated and current cyber breach plan should be in place. Should the worst happen, no company wants to asking “what next”? Who does what, and how do we keep our customers’ data safe and communicate on what is going on? Make sure this plan is aligned to your overall cyber security strategy and most senior responsible experts.

Tech advancements to optimise customer experience are a given, and businesses needn’t lose out on the opportunities these provide as long as there is an equal focus on cyber security.

• Rodriguez is executive partner and digital design lead at IQbusiness.