The Impact of AI: Navigating Critical Changes in Retail Technology Trends

Artificial intelligence (AI) is on the rise in retail. Brands have new AI-powered tools available to do almost everything, from improving the customer experience to analyzing shopper data for additional revenue opportunities. But retailers aren’t the only ones leveraging this technology in the commerce sphere. Cybercriminals are using AI to find new ways to exploit businesses. Regulators are also working to leverage AI’s capabilities to help stay ahead of emerging risks. Requirements around using AI to thwart ransomware and other attacks, and to maintain compliance in areas such as data privacy, continue to expand and evolve. The result is a quickly growing portfolio of AI-enabled solutions that serve nearly every corner of the business.

As a retailer, it’s crucial to proactively anticipate the impact of AI on your store and back-office infrastructure. The introduction of new requirements, whether for compliance or operational needs, must be addressed. For brands already grappling with network issues, the widespread adoption of new AI capabilities will exacerbate these challenges. By strategizing now, you can effectively respond to these market shifts and stay ahead of the curve.

Think your network is ready for AI? Think again.

When we think about the AI-enabled world, there will be so much data coming in that many retailers may discover that today’s “we’re doing okay” posture is falling behind. They might experience slow application performance or disruptions due to data network flows tied to voice, computer vision, and other technology advancements. Streaming media applications are particularly sensitive to any disruption in the data flow. Without clean audio, natural language processing (NLP) has no chance of correctly interpreting a customer’s request. Similarly, low-quality video streams may disrupt a computer vision application’s ability to accurately interpret and respond.

The proliferation of AI-driven services could quickly become problematic, but the right steps now can help you prepare for the implications of these changes. For example, SD-WAN technologies are particularly effective at maintaining consistent data flows, even over congested network connections. The use of 5G backup connections provides an additional data path to preserve application performance.

Aligning with the new PCI DSS v4.0-generation standard

The Payment Card Industry Security Standards Council (PCI) Data Security Standard (DSS) v4.0.1 has introduced new requirements for protecting account data that are being implemented in stages. Among the updates are clarification of previous requirements and the addition of new ones, such as authenticated scanning and automated daily logs analysis, impacting businesses that previously relied on checkboxes for compliance. PCI DSS v4.0 and above represent a more modern approach to retail cybersecurity.

Data breaches remain a high-risk problem for retailers, and unless brands get a handle on safeguarding customer data, failure to comply with the updated PCI standard could undermine other store technology initiatives. Moving forward, retailers will be expected to leverage AI to defend against cyber threats, as updates to the PCI DSS standard emphasize the need for automated tools to counter cybercriminals' increasing use of AI.

Navigating the network of data privacy laws

New PCI standards and changes in the data privacy landscape go hand in hand. Customer data is at the heart of retail, from driving shopper engagement to understanding browsing and buying behaviors. The use of AI to surface actionable information from the trove of customer data will likely become table stakes as retailers compete for patrons. But while shopper data offers valuable insights, it also poses a significant liability for retailers in the event of a data breach.

Meeting data privacy requirements while delivering personalized customer experiences is a complex balancing act for retailers. Data from the Pew Research Center shows that 81% of Americans are concerned about how companies use the data collected about them, and the same percentage expect companies’ use of AI to result in their data being used in ways that make them uncomfortable.

Without a federal privacy mandate, states are proactively rolling out their own data privacy rules to protect wary consumers. Retailers must approach data privacy in a way that aligns a growing network of state-level laws with consumer expectations and business needs. What may have been an adequate data privacy posture just a few years ago will not be sufficient. A proven cybersecurity strategy that incorporates AI will be critical to staying ahead of emerging data privacy threats and maintaining compliance across a broad spectrum of requirements.

Creating an AI-capable cyber and compliance strategy

Maintaining compliance in the quickly evolving realms of regulatory standards and data privacy laws is a significant hurdle for many retailers. Some struggle to understand what compliance looks like from an operational perspective, and others aren’t sure how to manage the growing liability of storing and processing customer data. It’s important to understand the requirements and the business implications to prepare a comprehensive compliance and cybersecurity strategy.

A managed services provider (MSP) can help close retail organizations' knowledge and capability gaps. Acting on the brand’s behalf, an experienced MSP can actively respond to security alerts without waiting for the retailer to detect an issue or open a trouble ticket. In addition, AI applications benefit from access to larger volumes of data. Where a retailer only has data about their own individual operations, an MSP has the advantage of a collective view across their entire business. Since network data is a core competency, an MSP will make greater investments than an individual enterprise in accessing, analyzing, and automating problem resolution using highly relevant datasets. Instead of being overwhelmed by the huge volumes of data coming in—which may trigger false positives or other noise that wastes time and weakens your cybersecurity position—an MSP will ingest and collect its own data to proactively identify where problems may exist within the network. With an integrated and holistic portfolio of solutions, an MSP can also support decisions around maintaining compliance with new or changing regulations and how AI can be applied to help counter the industry's growing cyber risks.