As promised, I’m posting this as a follow-up to this year’s NRF show in NYC.  It is going to be a short post as there really isn’t a lot to talk about from the show, particularly in terms of security or compliance.

The big news this year is that the show didn’t suck.  Someone told me that it was the best attended show (by retailers) in the last 5 years.  I’m not sure if that’s an official ruling from the NRF, but I can certainly attest to the fact that traffic was significantly better than last year.  Last year we had all kinds of time to hang out in people’s booths and talk with technology clients and vendors about security - this year most of the significant vendors had retailer traffic a lot of the time.  I will say that it was hard to tell with Motorola (who had one of the largest booths) who apparently brought every employee within a 200-mile radius of New York to the show - seriously….

Our clients all seemed to be very busy (which is good) and while they certainly spent time with us, we didn’t infringe on their hospitality too much as they had clients to see and non-clients to (hopefully) impress.

In terms of security - there wasn’t much to be found on the expo floor.  We didn’t see any booths (I heard that one of NetSPI’s competitors was hanging out in someone’s booth, but we never found them) from major security and compliance players and, while security and PCI were certainly still being used to push product (it was printed on a ton of booth signs), it was very surface-level this year.  No one seemed to be at all that interested in a deep discussion - they just knew that their product did x, y, and z for PCI…  Most of the software companies didn’t even have their primary security person at the show.  Even AT&T and Verizon, both having acquired large security practices didn’t really talk about security - they focused their efforts on retail technology divisions or communications.

I think, with the economy and retail marketplace slowly improving, technology companies that really don’t understand compliance and security (and don’t want the burden of supporting deep discussions around the same) have decided that they are going to relegate compliance to a ‘check-box’ activity.  In other words, ‘I am PA-DSS compliant, so I don’t really have to talk about security anymore, thanks…’

My reaction to this attitude - I see opportunities for vendors that really are willing to understand compliance, it’s impact on retailers, and their own ability to positively influence a retailer’s compliance efforts.  I see problems for companies that check their box and then wash their hands of clients’ compliance concerns.

For the organization I work for, I think it might actually be a good thing in the long term as we help our clients take the first path and better prepare their teams (both on the technical and marketing side of the house) for supporting their clients.  It certainly seemed to be playing out well for our clients at the show - they not only had their compliance box ‘checked’, but they were using that experience and the knowledge that they actively gained from the relationship to better position their clients and, therefore, their own brands and products.

Regardless, the show this year was a big improvement over last and most likely indicates an improved outlook for the retail community and the broader economy (retailer spending tends to foreshadow economic conditions) and that’s good news regardless.  Again, I’m disappointed about the lack of security-focused discussion at the show this year, but happy that retail might be slowly coming out of a very difficult time.

Related articles by Zemanta

• Ingenico Launches Secure Multimedia Powerhouse iSC350 to Kick-Off 99th NRF Show (pindebit.blogspot.com)
• Retail Faces Uncertainty as CIT Enters Bankruptcy (abcnews.go.com)
• Late Season Surge Helps Retail Sales Gain 3.6% Over Last year (shoppingblog.com)
• Source Technologies Introduces Next-Generation of PilotPoint™ Self-Service Bill Payment Kiosk (pindebit.blogspot.com)