Groupe Rocher CISO on strengthening a modern retail cybersecurity strategy
Groupe Rocher CISO on strengthening a modern retail cybersecurity strategy
Publish Date: 2026-02-11 01:30:00
Source Domain: www.helpnetsecurity.com
Global retail and beauty brands manage a unique cybersecurity balancing act. They depend on consumer trust, massive volumes of personal data, and a sprawling network of vendors, while also managing thousands of physical locations and dynamic digital growth.
In this Help Net Security interview, Jérôme Etienne, Group CISO, Groupe Rocher shares practical insights on closing strategy gaps, managing third-party risk, and securing online and in-store environments. In the conversation, he also discusses why point-of-sale and in-store systems can no longer be treated as secondary security concerns, especially as attackers increasingly target overlooked technologies. He also explains how CISOs can build a unified global security strategy that meets regional regulatory demands without creating fragmented policies and inconsistent controls.
Global retail and beauty brands sit at the intersection of consumer trust, complex supply chains, and aggressive growth targets. When you look at a typical enterprise in this space, where do you most often see a disconnect between stated cybersecurity strategy and actual business risk?
In the retail and beauty sectors, a common disconnect arises from the gap between the strategic intent of cybersecurity measures and their operational execution. This often manifests in the misalignment of cybersecurity priorities with actual business risks, particularly in areas like supply chain vulnerabilities and consumer data protection.
Enterprises might declare robust cybersecurity strategies yet fail to adequately address the threats posed by complex supply chains and aggressive digital transformation efforts. To bridge this gap, at Groupe Rocher, we have chosen to integrate cybersecurity into the core business strategy, ensuring that security measures are not only reactive but also predictive, leveraging threat intelligence to anticipate and mitigate risks effectively. Adhering to broader cybersecurity and regulatory best practices…
