Managing IoT security risks in a rapidly digitizing age.

Related content.

Closeup of hands on tablet with a network of interconnected icons superimposed and a shopping cart in the center

The customer journey experience in an omnichannel age.

Stores no longer exist as just places to shop for groceries, or a last-minute birthday card. Learn how the customer journey has morphed into all-immersive customer experiences, and what it means for retailers from Ryan Taylor, T-Mobile for Businesses new retail expert.

Woman wearing VR glasses

Today’s major retail industry trends: what you need to know.

Find out more about the Omnichannel engagement paradigm shift from T-Mobile for Business retail expert Ryan Taylor. It’s no longer just selling products that consumers want but creating experiences that make for memorable outings.

Hand holding pen and tablet with mannequin wearing jacket

Improving the retail experience with 5G Advanced Network Solutions.

Modernize your organization’s cloud infrastructure while improving security.

Innovate with us at 5G Innovation Lab.

The Bellevue Innovation Lab is a collaborative development-focused center that brings together visionary startups, industry leaders, and technical experts to build what’s next.

By Ryan Taylor, Retail Industry Expert

Today’s consumer increasingly demands personalized, omnichannel engagement that leverages carefully collected data to cater their journeys. Retail automation is one way to help achieve not only that but create a more seamless experience while doing so. However, streamlining and automating in-store processes often involves complex systems integrations, including the use of many IoT devices. Securing those devices comprehensively can be a challenge, but it is all the same a readily attainable goal.

Key takeaways

  • Retail automation helps to create frictionless shopping experiences that improve customer engagement and retention; however, they often come with a high level of integration with IoT devices.

  • With these complex integrations and a variety of configurations come security threats that need to be addressed, particularly due to IoT device’s wide range of functionality.

  • Security approaches to IoT need to emphasize visibility and rapid response to both see and respond to emergent threats. A flexible security plan is key before you integrate the devices.


As the retail industry keeps a pulse on consumer tastes, it’s critical to plan ahead. Retail automation continuously personalizes how shoppers experience a brand and it’s only advancing from here.

Retail automation–using tools and technology to improve efficiency in operations–is a fast-paced, constantly evolving concept. Mastering this concept is a promising way for retailers to reduce labor costs, increase shopping efficiency, enhance the customer experience, and ultimately boost revenue and sales.

We see retail automation in self-service kiosks, in-app payments, personalized ads, coupons, and chatbots, and we will continue to see advancements with the increased adoption of AI and ML-powered technology. However, retailers should be aware that automation does not mean a decrease in jobs, it means the re-allocation and creation of new job opportunities.

Yet, while these technologies are key in improving the consumer experience and building brand loyalty, with increased complexity comes greater potential systems vulnerabilities that are more intensive to manage. In addition, companies utilizing virtual cashiers at self-service kiosks could be met with backlash from both consumers and labor advocates.

To maintain successful retail automation, brands should implement a dependable 5G system with safe and reliable large-scale data collection. Strong connectivity, inventory tracking, and safety and security should be retailers’ top priorities.

IoT devices facilitate connectivity between store management, customer experience agents, and customers. They’re becoming increasingly necessary within a retail landscape featuring increasing automation, replacing employees (in some cases) who were once frontline security for retail theft, fraud, disaster mitigation, and even in-store violence between customers.

In other words, it isn’t just better personalization, acquisitions, repeat purchases, and conversions that mobile-networked IoT device integration offers, but the security that is essential to smooth, safe operations.

Managing risk: Retail IoT security risks/challenges.

While greater use of connected devices is essential to retail’s future, ongoing automation and significant IoT growth create a larger opportunity for cyber-attacks, data breaches, and theft, crimes that are already on the rise.

Indeed, notes Margot Juros for IDC Planscape, as of June 2022, cyberattacks continue to be on the rise: “The number of IoT devices employed globally is growing quickly and forecast to reach a total of over 40 billion devices by 2025. Retailers in particular are expected to increase spending on IoT solutions to reach over $84 billion by 2025, according to IDC forecast.”

IoT devices can carry a notable level of vulnerability due to the wide range of roles they play across networks to support the supply chain, building management, and retail operations. This translates to a greater threat surface or space across which potential vulnerabilities can be identified.

Without a reliable security management system (either in-house, if one can afford to have their own dedicated team, or via a third-party consultant/service provider), covering all those IoT devices will prove difficult to say the least. This is particularly true if an organization already needs better cybersecurity infrastructure.

Having a high-speed network helps provide fast, low-latency visibility across your data infrastructure. With the price and availability of services such as 5G fixed wireless solutions, it’s a no-brainer to ensure your speeds are up to snuff to ensure smoother operation.

Continues Juros, “...more than 50% are piloting or are in production with IoT use cases for automated checkout, traffic analytics, real-time inventory visibility, and queue management... IDC estimates that the number of connected IoT devices worldwide will grow to 35 billion by 2023 and to almost 42 billion by 2025.”

That’s the why—the growth of IoT device adoption has increased that aforementioned attack surface tremendously (cites Juros, according to a recent NRF survey in 2021, some 57% of retailers reported an increase in organized retail crime)—but what is involved in IoT cybersecurity when it comes to an actual response?

As with all security, IoT starts with an awareness of and official recognition of the problem followed by highly proactive planning, an action plan focused first on ensuring visibility and a thorough understanding of one’s systems (both in terms of capabilities and vulnerabilities.

From the start of this process through to the realization of a detailed security plan, C-suite and other departmental leadership involved in areas such as loss prevention, retail operations, supply chain efficiency, and employee even (or especially) employee training need to be directly involved.

These are the key players in organizing that institutional awareness on security vulnerabilities and best practices that are so part-and-parcel to a secure data infrastructure at any organization, let alone a multinational retail corporation.

The ‘human’ element remains commonly cited by IT and cybersecurity professionals as the top threat vector; in other words, that people make mistakes is the single greatest source of security breaches, that suspicious email that was opened, that one-in-a-million scam attempt that works, so on.

Yet, what does security mean for IoT devices specifically? Let’s return again to the basic problem: IoT devices are increasingly ubiquitous and provide a wide range of function. Businesses much approach security with an emphasis on visibility to devices paired with security systems, protocols, and practices that are flexible enough to respond to emergent threats.

In terms of that flexibility, one can leverage IoT sensors (so long as they aren’t too old to meet modern security standards) to detect your organization’s IoT device IDs. Yet, it’s understandably a challenge that to achieve this flexibility across such a wide area is a notable challenge.

You also have to worry about whether the IoT devices you use are, again, up-to-date, but also able to run the security software your organization adopts. This requires a team that knows the IoT device and cybersecurity world intimately.

Yet, be assured that these and other vulnerabilities can be overcome. It’s again first all about that visibility, but you must also have or retain a posture of astute vigilance, awareness, collaboration, systems knowledge (knowing what to look for) and, to tie into all of that the training to match, notes Juros in the IDC report.

That’s why it is important to have that cybersecurity plan in place before you purchase new IoT devices (either in the event that you are in the middle of your digital transformation, or found that your existing IoT devices just didn’t cut it).

You also need to examine your existing capacity for that training, hiring, and monitoring that goes into proper cybersecurity. Does your business have the capital to make those investments, or do managed services make more sense? This is a serious consideration in a retail world that increasingly leverages third-party management for microservices and other key functions.

A more secure future.

With automation and IoT propelling retail, businesses need to take a proactive and comprehensive approach to utilizing this technology. Yet, they can’t successfully move forward without duly prioritizing safety and security.

Retailers must look for a reliable provider that can offer both the most innovative technology and integrated security services. T-Mobile for Business leverages a variety of IoT options to help retail businesses enjoy higher operating capacity and rewarding experiences, all while prioritizing safety.

About the author:

Ryan Taylor headshot
Ryan Taylor is a professor of retail with over three decades of study under his belt. Formerly Senior Director of Nike Stores North America, his expertise improved team performance and, in turn, improved the customer experience. A ‘big picture’ person, Ryan’s experience allowed him to enhance retail operations at more than 250 stores across the country via coordinated plans that incorporated sales, marketing, brand loyalty, customer service, and team training. He is one of RETHINK Retail’s Top 100 Influencers of 2023, a recognized Industry Thought Leader, and a Retail Technology Innovation Strategist.
Want even more trends, insights, and success stories?

Interested in T-Mobile for Business?