Building Cyber Resilience in the Fashion and Luxury Goods Industry

Building Cyber Resilience in the Fashion and Luxury Goods Industry
November 30, 2023 21 mins

Building Cyber Resilience in the Fashion and Luxury Goods Industry


Web 3.0 is coming. Every luxury goods business can profit from the use of its related technologies in digital assets, such as NFTs and the metaverse, but cyber security must keep pace.

Key Takeaways
  1. As a company’s digital footprint grows in both size and complexity, so does its cyber risk exposure.
  2. Digital assets have the power to grow a luxury goods business and boost its brand, but ensuring trust and authenticity will prevent the potential for reputational fallout.
  3. An enterprise risk management view on cyber security delivers data-driven insights with analytics and advice that enable resilience through preparedness.

The luxury goods industry — in keeping with the retail sector as a whole — is going through a rapid and accelerating period of digitalization; a process that is likely to enter a new phase. Consumers — specifically younger Millennials and Generation Z — are looking for new ways to engage with brands. This is where the opportunities presented by Web 3.0 and its related technologies, such as the metaverse, blockchain, and digital assets like NFTs, offer potential for new growth.

Virtual reality (VR) and augmented reality (AR) have arrived on the scene and customers can now virtually explore high end luxury stores like Prada,1 while virtually trying on a pair of Gucci trainers via an “augmented reality shoe try-on.”2 According to Vogue Business, nearly three quarters (72 percent) of luxury fashion consumers in the UK think that brands should provide an augmented reality shopping experience.3

But with this potential come inherent risks. As a company’s digital footprint grows in both size and complexity, so does its cyber risk exposure. The critical question businesses need to ask themselves is: Are they managing that bigger footprint in a way that safeguards their operations, balance sheet and reputation from cyber interruption?

Quote icon

NFTs and asset tokenization more broadly is going to expand a great deal in the next decade beyond the worlds of artwork and collectables. The big thing for luxury goods will be in associating the digital artefact with the real world or metaverse"

Derek Lietz
Managing Director, Intellectual Property Solutions, Aon

The NFT Opportunity

Digital assets are defined by the U.S. Internal Revenue Service as “any digital representation of value which is recorded on a cryptographically secured distributed ledger or any similar technology.” They encompass areas such as cryptocurrency, stablecoins and nonfungible tokens (NFTs).4

In 2022, luxury jewelry brand Tiffany announced it was selling NFTiffs, a collection of 250 digital passes for a “custom designed pendant and a NFT digital artwork that resembles the final jewelry design” in exchange for 30 Ether — a cryptocurrency, which, at the time, would have cost each potential customer the equivalent of nearly $50,000.5

Quote icon

If you go on an NFT marketplace and look for tokens from luxury goods you will see thousands of fakes that purport to be from the luxury goods brands.”

Derek Lietz
Managing Director, Intellectual Property Solutions, Aon

Over the last few years, luxury brands have started to explore the commercial possibilities offered through digitalization and how technology can transform customer interaction. This type of innovation demands heavy investment, while also creating new potential risks for a brand.

Luxury brands such as Burberry, Dolce & Gabbana and Givenchy are becoming increasingly interested in supplying a digital twin, where all their physical goods are mirrored by an NFT or other token.6 Consumers will be able to trade the digital twin as a representation of physical goods, which will be important to areas like proving authenticity, combatting counterfeiting, and providing additional value and information. NFTs could also be useful for artificial intelligence (AI) — proving human versus machine authorship. However the true value of NFTs and asset tokenization is in knowing which ones are authentic versus fake.

While a genuine NFT provides the digital authentication, this doesn’t stop people from providing fake NFTs, which can be created in as little as 20 minutes. However, NFTs cannot take off until there is a mechanism in place to pinpoint the real ones, which is why implementing a process that authenticates each NFT from a brand will be crucial.

Token-based assets like NFTs are also likely to play a big role in the development of the Metaverse, allowing people to interact remotely and share content and experiences. The Metaverse could generate economic value of up to $5 trillion by 2030.7

It’s also likely that the luxury goods avatars wear — the Rolex watch, Armani suit or Louis Vuitton handbag — will need to be authenticated via an NFT or something similar.

Regulators have begun to embrace the technology as part of the drive for sustainability. In fact, one initiative is already underway by the European Union via its Digital Product Passport (DPP). This will “require brands to collect and share data from a product’s entire lifecycle accessible in the form of a 'digital twin’,” which a customer can access by QR code or barcode.8

Quote icon

A couple of areas are pulling down retail’s cyber security scoring… third party management, business resilience processes and application security remain quite weak.”

David Molony
EMEA Cyber Leader, Aon

Double Down on Cyber Security

Given Web 3.0 is the direction of travel — symbolized through the growing use of NFTs and the metaverse – there is now an added level of digital complexity that the luxury goods sector will need to double down on to ensure their cyber security remains equal to the challenge. The retail sector as a whole has improved their cyber maturity from “basic” to “managed” between 2020 and 2022 according to Aon’s Global 2023 Cyber Resilience Report.9

However the sector has not seen an improvement in its cyber security ratings in the last two to three years. More focus on the overall C-Suite governance of the cyber security process could lead to a pronounced increase in the cyber security score in retail But more work needs to be done for luxury goods businesses to both protect their operations and to make the most of the opportunities that come with the progress of Web 3.0.


The Metaverse could generate economic value of up to $5 trillion by 2030.

Quote icon

The cyber threat itself is becoming more pronounced not less, and luxury goods businesses need to be more prepared than they are now to have a greater level of general cyber resilience.”

David Molony
EMEA Cyber Leader, Aon

Luxury goods brands must also pay extra close attention to their customer base, which is more likely to be comprised of high-net-worth individuals. This further magnifies the general regulatory task around the safekeeping of customer data. The complexity of supply chain networks is also a challenge. Businesses should focus on making sure that before onboarding a new supplier, the right level of cyber due diligence is conducted to safeguard or minimize the potential threats in the overall risk environment.

Designing a Sustainable Future

Want to learn more about the latest key trends and issues impacting the luxury goods industry? Download our Designing a Sustainable Future for the Fashion and Luxury Goods Industry paper.

General Disclaimer

The information contained herein and the statements expressed are of a general nature and are not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information and use sources we consider reliable, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation.

Terms of Use

The contents herein may not be reproduced, reused, reprinted or redistributed without the expressed written consent of Aon, unless otherwise authorized by Aon. To use information contained herein, please write to our team.

More Like This

View All
Subscribe CTA Banner