Guest Blog: Cyber security challenges for the retail sector

What does Alexis de Tocqueville, a mid-nineteenth century historian and political scientist, have to do with the WannaCry ransomware outbreak last May and cyber-commerce?

Well, in 1831 Alexis was sent by the French Government to examine the American penal system. In a way that all managers will find familiar, the 26 year old spent nine months mainly travelling around and enjoying himself.

Unusually, however, on his return Alexis began writing, publishing two volumes of what would become known as ‘[On] Democracy in America’. His described the concept of ‘enlightened self-interest’, which he saw as a predictor of future American economic success. At heart, it means working together and assisting others because by doing so we help ourselves. Or as, with rather more elegance, Alexis put it “….an enlightened regard for themselves [Americans] constantly prompts them to assist one another….”.

It’s a concept which is very relevant to cyber-security and -commerce.

Many IT infrastructures make use of similar building blocks, and a successful attack on one company might very soon be replicated across many. This ‘domino theory’ analysis of cyber attacks can be clearly seen across a vast range of examples, perhaps most famously in last year’s WannaCry outbreak.

Likewise, a successful strategy for dealing with an attack can very soon be deployed elsewhere and, if the flow of information is quick enough, systems can be secured long before they are compromised.

If the flow of information is quick and accurate enough, the response can beat the contagion, helping to minimising the effects of the attack well before the harm spreads too far.

But it requires an infrastructure and a culture that facilitate that sharing.

In terms of cyber-security, the National Cyber Security Centre (‘NCSC’), working with trusted partners such as the British Retail Consortium, have stepped in to create that infrastructure. It is called the Cyber Information Sharing Partnership – known as ‘CiSP’.  It provides its members with a platform to collaborate in a trusted, confidential, environment. CiSP members are experts drawn from leading-edge retailers and other businesses, academia and the UK’s critical national infrastructure. Part of the value is from learning across sectors.

Take up of CiSP has been strong, and there are now 4,000 visitors per month, a 43% increase in just over a year. The WannaCry outbreak is a great example of when CiSP came into its own: there were more than 23,000 visitors to the online platform, including 15,000 during the first weekend. CiSP was invaluable in providing up-to-the-minute mitigation advice and, as crucially, debunking false rumours.

There is clearly a case for looking at how that approach can move beyond cyber-security, enabling the UK’s technology and retailing ecosystems to better realise shared opportunities. Retail has scale, reach and many of the raw materials for making AI work, and is already innovating fast. Online sales are growing at a startling rate, making use of a much wider range of technologies, whilst traditional sales falter. UK technology firms can deploy cutting edge capabilities and draw on learning from across sectors to do things better and cheaper.

The work of tech UK and BRC on events like the ‘Cyber in the Digital Economy’ conference can help sustain a community of enlightened self-interest; the end result can only be good for both.

James Martin

Crime and Security Adviser, British Retail Consortium


We're at #Lab18 chatting about the role of autonomous vehicles in #DrivingtheFuture. Come take part in the debate!…
Did you know that many businesses haven't gone #digital yet? Join us at our #Lab18 event where we tackle the issue…
techUK Deputy CEO @techUKdepCEO comments on PM Statement saying UK and EU "must commit to finding a solution that a…
Get ready for techUK’s Cloud Week! From Monday, we’ll be hosting a week of guest blogs, podcast interviews, press…
#supercharging18 in Manchester on 18 Oct, will explore the ways #digital increasingly underpins Britain’s #economy.…
Hear from @techUKCEO at the FutureTech Festival in December this year #GREATforCollaboration
What makes a 'good' Digital Board? Read more about our new report from SmarterUK in @ComputerWeekly
Delighted to see @techUK Health and Social Care Council Member @AndreasHT is on the panel