industry unlocked
has become a common trend even in
retail organisations, where typically
such practices were either viewed as
unnecessary or excessive.
Another major factor that has resulted in
more security due diligence exercises
being conducted by retail organisations
is that their parent organisation holds
a wider portfolio of companies, some
of which are closely connected to the
domain of information security.
These parent organisations have a
greater need for maintaining their
brand image given their wider presence
across multiple domains in the industry
and hence they are more inclined
towards conducting a thorough
www.intelligentciso.com
|
Issue 16
security due diligence on their vendor
organisations. Prioritising security
alongside other business objectives
is highly recommended even for those
retail organisations that do not think that
information and security matter to them.
Digitisation has touched every aspect
of our world, which means that the
potential for an embarrassing security
breach exists for almost any and every
type of organisation.
Retail organisations must consider
obtaining information security
certifications such as ISO 27001:2013
and PCI DSS if their software
development and management is
done in-house.
Protecting
information and
data is not only
about protecting
competitive
information, but also
about protecting
brand image in
the market.
45