Every week, The Interline rounds up the most vital talking points from across the landscape of fashion technology news. This roundup is also delivered to Interline Insiders by email.
Why a cross-industry intrusion should serve as another wakeup call for fashion’s approach to information security.
One of the most important fashion technology stories this week isn’t really a fashion technology story at all, but it’s one with deep implications for an industry that still – despite near-universal uptake of data management and centralisation platforms – does much of its creative collaboration, and shares a lot of its sensitive data, via email.
An exploited vulnerability in Microsoft’s Exchange email service has rapidly grown from being a concern amongst security researchers early this year, to the stage where, today, the initial hack (believed to be the work of a group sponsored by the Chinese state) is being picked up and turned into a data-ransom opportunity by other malicious actors.
There’s a lot of infosec jargon in that paragraph, but the essence is this: Microsoft Exchange has been the email and calendaring service of choice for a lot of mid-to-large enterprises for quite some time. It would be premature to call it a legacy service, but Exchange certainly has strong roots in the pre-cloud era of on-premise applications. An intrusion into Exchange Server was detected potentially as far back as January, and has now gone on to affect 250,000 Exchange users globally, including the European Banking Authority.
This is now recognised as a mass-hack, and the outcome of being on the receiving end of the hack is the potential exposure of your organisation’s entire calendar and email backbone, which can be surreptitiously read, copied, or held to ransom.
And to avoid any assumptions that this is not a fashion retail problem, security researchers have already identified US retailers as victims.
Like a lot of cybersecurity stories, this one is likely to prompt a lot of sudden introspection, with businesses asking themselves whether their systems are secure, and firing off heated emails to IT to check whether vulnerabilities exist, and if so whether they have been patched. The purpose of this roundup is not to point any fingers at IT departments, though. And while Microsoft may prove to have been slow to act in this case, the critical takeaway for any brand or retailer should not be whether their email is secure or not, but whether they should be sharing the things they are via email.
This is, after all, and industry where technical specifications are built in solutions created for that task, with bills of materials included, and then shared as PDF attachments to emails. At the same time, fashion remains an industry where intellectual property protection and anti-counterfeit action are primary concerns, since concepts (if not necessarily execution) can be replicated.
The Interline published a review of fashion’s approach to cybersecurity to coincide with our launch this time last year, and many of the concerns raised in that article remain valid. Tellingly, though, that article was not new even last year; it had been repurposed and updated from a print publication from our sister site, WhichPLM, and actually dated back to 2016. Which is not to say that we were particularly prescient at the time, necessarily, but rather that the world moves quickly, and as individuals and corporate entities, we are often slow to respond to correspondingly rapid escalations in threat.
At the time that article was first written, its focus was on the broader attack surface (the number of different ways a bad actor can attempt to breach a company’s IT domain) that supply chain IoT connectivity and wearable technology presented, but as a prime example of this theme of quick evolution, digital product creation and digital fashion arguably present the most potent attack factor right now.
Consider this in light of our recent coverage of digital fashion, and it should become apparent that fashion could be making itself a target in the same way that other industries – notably videogaming – do. Hacks only rarely manifest themselves in physical objects and machinery, but when any industry begins a trade in digital goods, the incentive to obtain those goods via illicit means skyrockets.
Last week we discussed some of the commercial and IP concerns surrounding the NFT boom, but this week’s news is at once more mundane and, The Interline would suggest, scarier. Because it’s one thing to shore up the security of a verifiably scarce digital asset with a blockchain, and quite another to have that asset’s value completely undermined because someone sent a link to an infinitely replicable digital backup to someone else via email.
The way physical and digital platform holders value creators continues to diverge.
If you are of a certain age – and The Interline is – then the announcement that Roblox’s public offering valued the company at $45 billion US on revenues of less than $1 billion in 2020 is likely to have elicited a response along the lines of: “what the hell is Roblox?”
We’ll let Polygon answer that question, but the thrust is that an open platform for young creators – Roblox is pitched at a mostly pre-teen audience – is now considered more valuable than all but the single largest traditional videogame publisher.
What does all this mean for fashion? The first trend is an easy one to identify: with half of US children already playing Roblox, the upcoming disposable-income generation is already primed to embrace the convergence of physical and digital self-expression, creating a smoother onramp to digital fashion.
The second is related: younger people are increasingly seeing digital platforms as viable career paths, either as designers of new experiences themselves, or as athletes seeking fashion sponsorships that target Gen Z. This has significant implications for both the attitudes towards digital worlds (the fabled metaverse) that the coming generation will hold, and, very likely, for the degree of aptitude for real-time visualisation and creativity they will have.
The third angle is the way this valuation exposes the differences between the way physical retail (even if it’s sold online) values the work of small or independent creators versus the way open digital platforms do. It’s no secret that Amazon, for example, as a fractious relationship with the sellers that use its marketplace, but this came to something of a head this week with the announcement that Amazon will further restrict the customer information its third party sellers can access – essentially to the point of anonymity.
In practice this means that Amazon is, for all intents and purposes, ringfencing customer data for its own uses. And while independent brands are still going to be able to sell through Amazon – and in potentially in high volumes – they will not be able to build customer relationships. Contrast this with the approach taken by digital platform owners such as Roblox, where open community and direct access to platform developers is the lifeblood of the platform, and a deepening power distribution divide seems to be emerging. Where Roblox developers achieve prominence, they and Roblox itself experience mutual growth; where Amazon sellers achieve prominence, Amazon reserves much of the growth for itself, both in terms of platform sales commission and by controlling customer data.
Taking all of this into account, it seems as though the future’s most valuable companies – and its most valuable brands – could be those that value the independent collaborators and creators who work with them as highly as they do their own market share.
And the best from The Interline this week:
This week we published our second exclusive feature from upcoming writer Aasia D’Vaz Sterling, who took a unique look at the possibilities that digital material sourcing creates for emerging designers and small, independent brands.
We also made the recording of our pre-Christmas panel discussion and live briefing on the results of the Kalypso / The Interline 3D and digital product creation survey available to watch on-demand.