January Issue

CIOs Need to Snap Out of Complacency

Your business colleagues aren't as impressed with you as you are. Our 14th annual State of the CIO research rewrites your priorities for 2015.

1 2 3 Page 3
Page 3 of 3

Retailers Seem Less Concerned About Data Security

Despite the data disasters at Target and Home Depot, retail CIOs have a below-average interest in upgrading cybersecurity

A slew of high-profile data breaches have apparently pushed security higher on the agenda of corporate America, according to our 2015 State of the CIO survey. The survey finds that upgrading security is among the top four priorities that CEOs have for their CIOs in the coming year. But there's one surprise in the survey results: Despite the headline-grabbing security disasters at retailers such as Target and Home Depot, CIOs in the retail, wholesale and distribution industries are less likely to give security top priority than CIOs in some other industries.

Overall, 23 percent of CIOs say that increasing cybersecurity will be the most significant reason for IT investments this year. But in an industry-by-industry breakdown of the results, only 18 percent of the CIOs in the retail, wholesale and distribution industries said they feel the same way. In contrast, 41 percent of CIOs in high tech, 32 percent of those in financial services and 29 percent of government and nonprofit CIOs said security will drive spending.

In the survey, retail CIOs rank omnichannel projects, business process improvement and customer acquisition and retention ahead of security.

"At the risk of generalizing, retail companies tend to be very reticent to make investments in technology or software that doesn't appear to have a bold, straight line back to sales or profitability. They tend to be rather shortsighted in terms of investment and payoff on things like data security," says Doug Stephens, president of Retail Prophet, a management consulting firm. "I do think, however, that there will be a growing realization that data security and respect for consumer information will prove, in the end, to be a powerful competitive advantage and spur greater investment by retailers in the tech and protocols to provide it."

But for now, the focus is on profits. "Retailers are under enormous strain to keep afloat. Consumers are more conscious and surgical in their buying behavior, price competition is ferocious, and pressure from e-commerce continues to grow," Stephens says. "In this environment, issues like security, environmental sustainability and employee welfare have all taken a back seat to survival."

While many retail CIOs did not place security atop their priority lists, they're not ignoring it. "I definitely put security near the top, in light of recent events like Home Depot," says Jack Wood, CIO of Wayfair, a $916 million online retailer. "Anything that touches customer data tends to be a priority for us. Cybersecurity ranks among the highest for those."

But the security challenge can be daunting. "There are so many different vectors that threats can come from," Wood says. "It's very hard from a cost perspective and effort perspective to focus on all of them."

Wood says he's addressing security by examining Wayfair's technology stack and making risk assessments to ensure that he has made the right investments.

Thor Olavsrud

Copyright © 2015 IDG Communications, Inc.

1 2 3 Page 3
Page 3 of 3
Survey says! Share your insights in our 2020 CIO Tech Poll.