Why CISOs should care about fraud

Cybersecurity
 |  
Mar 2026
 |  
RH-ISAC
Save to favorites
Your item is now saved. It can take a few minutes to sync into your saved list.

What: CISOs are increasingly responsible for integrating cybersecurity and fraud prevention to protect retail organisations from evolving threats.

Why it is important: Coordinated cybersecurity and fraud prevention strategies are critical for protecting retail operations and customer trust, as seen in recent market developments.

As the retail sector faces a surge in sophisticated cyber threats and fraud, the role of the Chief Information Security Officer (CISO) is rapidly evolving. No longer limited to traditional IT security, CISOs are now expected to lead integrated efforts that bridge the gap between cybersecurity and fraud prevention. This shift is driven by the growing complexity of digital retail environments, where omnichannel strategies and digital transformation have expanded the attack surface and exposed new vulnerabilities. The consequences of fraud incidents are not only financial but also deeply impact brand reputation and customer trust. To address these risks, retailers are moving toward cross-functional collaboration, uniting IT, security, and fraud management teams to build comprehensive, layered defenses. Regulatory pressures and the need for real-time intelligence sharing further underscore the importance of a unified approach. By embracing this expanded mandate, CISOs are positioning themselves at the forefront of retail risk management, ensuring that organisations can respond swiftly and effectively to the evolving threat landscape.

IADS Notes: The convergence of cybersecurity and fraud prevention has become a defining challenge for the retail sector, as CISOs are increasingly called upon to address not only technical threats but also the broader spectrum of financial and reputational risks posed by fraud. Recent analyses, such as the February 2026 Harvard Business Review, underscore a strategic pivot from isolated prevention to collective resilience and industry-wide collaboration, reflecting the sector’s response to escalating cyber threats. The August 2025 Retail Bulletin and May 2025 BCG reports highlight how digital transformation and omnichannel expansion have expanded the attack surface, exposing critical gaps in cross-functional coordination between IT, security, and business teams. This fragmentation has left retailers vulnerable to sophisticated attacks, with incidents like the UNC3944 campaign in May 2025 demonstrating the urgent need for comprehensive, layered defences. Meanwhile, the October 2025 RH-ISAC initiative illustrates the sector’s shift toward intelligence-driven, regulatory-aligned fraud prevention strategies, emphasising the importance of coordinated action and real-time information sharing. Collectively, these developments signal a new era in which CISOs must lead integrated efforts to protect both operations and customer trust.

Why CISOs should  care about fraud