Kara Gunderson started her 18-year focus on payments and data security as a petroleum retailer, worked for a time with a payments acquirer and then joined Houston-based CITGO as head of its overall point-of-sale (POS) strategy. She is also chair of the data-security standards committee for the convenience-technology association Conexxus.

Q: Do you think people continue to prioritize data security?

A: I do, but I also think the pressure to bring new technology to market pushes data security out of the R&D cycle. If testing is conducted at all, it seems more likely an afterthought. Companies should look to adding data-security consultants during R&D, both with payments and nonpayments. Wouldn’t you like to know all your connected refrigerator’s access points and vulnerabilities?

Q: How are c-stores at risk?

A: Petroleum payments are integrated and complex. Network and device logging has to get more sophisticated. But we’re also seeing more threats at the petroleum retailer’s home office. While at the NACS Show, someone texted me that they got hacked. It’s no fun to find all your files and personnel records have been encrypted and held for bitcoin ransom. Look for Conexxus to educate members on this very soon.

Q: Speaking of smartphones, do you prefer iPhone or Android?

A: Android.

Q: Do you have an Amazon Alexa virtual assistant at home?

A: I don’t have an Alexa—mostly from a data security and privacy perspective. And the thought of asking my coffee pot to order dog or cat treats seems very strange to me.

Q: What’s the one old technology you can’t live without?

A: My 10-key adding machine. Yes, I still use it to balance my checkbook.

32—Number of rhinestones in Gunderson’s favorite bejeweled pair of jeans