With holiday shopping on the horizon, online merchants and brick-and-mortar stores are gearing up for a busy season. According to eMarketer.com, US retail sales in November and December 2015 are predicted to increase 5.7 percent from last year, topping out at $885.70 billion. In the process, consumers will be readily using their credit and debit cards at a variety of retailers online and in-store, even as data breaches are more of a concern than ever.

A cybersecurity issue can certainly damage brand reputation. High-profile breaches at Target, Home Depot, and a host of other merchants have resulted not only in negative publicity for the stores but sizeable lawsuits too. Shoppers, worried about the possibility of financial loss and identity theft, opted to avoid Target during the 2013 holiday shopping season. The retailer reported a sizeable drop in profit.

Merchants appear to be taking a more proactive stance to head off a major hack. Many are upping security teams and looking at new technologies to thwart cybercrime. Target, for one, put in new point-of-sale systems at registers, as well as a card reader that can take credit and debit cards using a more advanced chip to reduce fraud. Also, the retailer plans to roll out its own store credit card with the same chip technology.

Despite the best efforts, the risks will never go away, and merchants are well aware of it. In the digital age, there’s a dilemma for stores. They need to constantly provide shopping convenience through technology while protecting the financial and personal data that’s collected. If a store fails to prevent or respond appropriately and quickly to a data breach, the costs can be sizeable. According to the Ponemon Institute, the average cost to retailers per stolen record is on the rise, growing from $105 last year to $165 in 2015.

The stakes were upped on October 1, when new laws mandated merchants be held responsible for fraudulent purchases if they have not upgraded their systems to accept chip-enhanced cards.

As a result, stores are spending more on cybersecurity, and the challenge today is to evolve and adapt to security threats, lest a company’s brand be forever tarnished.

“If you’re dealing in customer data, you have to plan for what it’s going to cost to collect and secure that data,” says David Schweidel, Caldwell Research Fellow and associate professor of marketing. “If data is compromised, you’re likely to incur expenses including the risk of lawsuits and damage to the brand’s reputation.”

– Myra Thomas 

Related Content