By Franco Cordeiro, Sagar Mhaskar, Orson Lucas
Cyber Monday is one of the biggest shopping days of the year. Just last year records broke when sales topped $9 billion for the first time ever – an increase of more than 16% from 2018. Last year also marked the first day in history when consumers spent over $3 billion using their smartphones.
However, this year’s holiday season will look and feel different as a result of COVID-19. According to a recent KPMG survey, there will be fewer in-store shoppers, a rise in online shopping, and a decline in the average spend per person to $515 from $627 on a year-over-year basis.
Yet, even with the expected decline in spend, retailers remain under pressure to ensure the day goes smoothly and that customers enjoy safe and seamless shopping experiences. Many major retailers prepare all year to handle the increased demand that comes with Cyber Monday, and its potential risks, including site outages, increases in orders, hackers and phishing schemes. And 2020 is bringing with it a new set of challenges stemming from a dispersed workforce and social distancing requirements.
What new challenges can we expect this Cyber Monday?
To adapt, leading organizations have set up remote technology response teams who are rehearsing responses to possible disruption scenarios. These teams are being supported by advanced monitoring services to detect degradation in online services, as well as customer communications and business continuity teams which can help respond to business and customer impacts from online disruptions.
In addition, cyber resiliency teams are working in a coordinated fashion to minimize the impact of potential outages or disruptions caused by online scams, cyberattacks; and third-party service failures due to cyber impacts.
The organizations implementing these measures know that technical response and cyber resiliency teams must be prepared to fix issues quickly, and communication and business continuity teams must be ready to engage with customers effectively (e.g., using live Twitter feeds and providing call centers with critical updates).
For example, policies and standards may need to be updated to reflect changes, including monitoring employee communications, and device usage. Additionally, Chief Information Security Officers may need to revisit the IT and security architectures of their organizations to ensure remote access solutions (e.g., virtual private network, multi-factor authentication, remote desktop protocol, etc.) are working appropriately.
With people socially distanced and working remotely due to COVID-19, there are new risks and a new overall dynamic for this year’s Cyber Monday. By creating and testing robust IT incident, business resilience and communications plans, revisiting security controls, and building resiliency into system designs, companies can be better prepared for looming Cyber Monday opportunities and challenges.