Kim DeCarlis

Chief Marketing Officer, PerimeterX

Kim DeCarlis is a seasoned go-to-market executive with a unique combination of product marketing, brand building and high-tech sales experience. Kim is currently the CMO at PerimeterX, a growing Series C company that provides modern web application security solutions that safeguard digital businesses in retail e-commerce from malicious activities.  Her experience spans roles at technology companies including Citrix and IBM, as well as at Information Resources, Inc., a provider of solutions to the retail and CPG industries.  She is a frequent speaker at industry events on cybersecurity, B2B marketing and C-level engagement, and has been recognized by the Silicon Valley Business Journal as one of the “Silicon Valley Women of Influence.” She is a graduate of Stanford University and serves on the Boards of Directors for Model N, the Children’s Discovery Museum of San Jose and Girls in Tech.

To learn more, visit:

  • Posted on: 01/03/2022

    Are Nike’s Member Days loyalty’s future?

    It's great to see Nike continuing to lead the pack with its engagement strategies. But it's equally important to look at "why" this effort has garnered increased attention and urgency. Many reports state that Nike is looking to fix the SNKRs app and to do a better job handling bots before they drive away loyal customers. That suggests that Member Days were put in place, at least partially, as an approach to ensure that real people -- not bots -- get access to limited edition products, including Kyrie 7 and Air Force 1 brands, and to attempt to handle flash sales more effectively. Nike is also reportedly using a "dedication score" to further differentiate and provide product access to its biggest and most ardent fans and supporters. This is one way to handle bots, but it seems that a better bot mitigation strategy - one based on machine learning and constant feedback loops - might serve the brand equally well. Other brands should watch Nike's moves with a keen, yet skeptical eye, and rather than be a "fast follower," assess whether their business warrants similar strategies.
  • Posted on: 11/02/2021

    Does Macy’s or Best Buy have a better approach to gift cards?

    Gift cards continue to be a hot item and it's no surprise to see them as "most requested" yet again. The choice of which gift cards to sell -- their own or a mix -- is dependent upon the habits of a retailer's shoppers and the opportunity to increase revenue. Regardless of their decision, I would encourage retailers to make sure that they take precautions to safeguard the value in their branded gift cards from fraud. Our data showed that gift card cracking expanded in 2020 to cover nearly all holiday shopping seasons, beyond Cyber5, and we expect this trend to continue. Gift card cracking is a variation of payment fraud attacks where cybercriminals use brute force to enumerate gift card numbers to figure out valid combinations. They then use the valuable card balances themselves for purchases or resell them on the Dark Web. Since, gift cards don’t typically have the same level of protection as credit cards, they are easier targets. Additionally, many retailers provide a separate page for gift card balance checking, a feature that is widely abused by card cracking bots. In order for retailers to really see increased business as a result of whatever gift card decision they make, putting in appropriate security is critical.
  • Posted on: 10/27/2021

    What should retailers do about angry reviews?

    Retailers should do two simple things: First, ensure that the review came from a real person and not a bot. Unfortunately, there are far too many spambots out there which post negative reviews and thinly veiled advertisements for other products to lure unsuspecting consumers to other sites -- from which the spammer might gain a referral fee. Many bot management tools on the market easily determine human or bot to help with this decision. Second, acknowledge the review. Sincerely apologizing and seeking to understand and address the issue goes a long way. It's easy for a disgruntled consumer to say things behind the relative anonymity of their device that they wouldn't say in person. Putting a human face to the brand goes a long way to diffusing the issue. Then address the issue -- perhaps offline -- but document the resolution online so others see that you cared enough to close the loop. And ideally, ask the reviewer to acknowledge the resolution. This shows other consumers that while you may have areas of improvement, and we all do, you truly care about consumer satisfaction.
  • Posted on: 10/06/2021

    Will access to hard-to-find gifts make Totaltech-heads out of Best Buy’s customers?

    Two interesting points about this: First, is the ongoing trend from businesses of all types to move to a subscription model. This can help boost loyalty as Best Buy becomes the first stop for customers to address their home tech and service needs, and this financial model provides great visibility and predictability to Best Buy's revenue. The second interesting point is about members gaining access to products expected to be in short supply during the holiday period. The biggest challenge in this area will be handling bots that buy up limited edition products before real humans can. It will be important for Best Buy to figure out how to eliminate bot-driven disruptions during promotional and limited-release sale events. Equally important will be managing expectations: it is likely that Totaltech subscribers will quickly outnumber limited edition product inventory, setting up potential disappointment for those who subscribe and those who do not. Handling this well will be important to all Best Buy customers.
  • Posted on: 10/04/2021

    HomeGoods finally has a home online

    E-commerce is a channel that makes sense for all retailers -- from luxury to off-price -- and it's great to see HomeGoods going online as it is a base level expectation of shoppers today. It's important though, that going online doesn't merely mean taking existing analog processes and digitizing them. It means rethinking the interaction with the consumer along their discovery and purchase process -- from home page to checkout -- and optimizing it, as well as building a strong omni-channel approach that brings together the interaction between online and in-person. In that regard, TJX is in a great position to leverage their experience with their other brands to help HomeGoods advance more quickly.
  • Posted on: 09/16/2021

    Online grocery shopping is pretty much all about convenience

    As we establish our "new normal" post-pandemic, needs and benefits change. Shoppers who were forced online for safety had their eyes opened to a new experience, so it's not surprising that convenience, not safety, is the long-term outcome of value that has resulted from the pandemic. For a grocer to excel moving forward, it's important to take advantage of omni-channel possibilities -- offering secure e-commerce experiences from home page to checkout and extending that to curbside pickup and BOPIS (buy online pickup in store) for grocery shopping. And I use the word "secure" very specifically. Consumers must know that their personal information is handled securely by the grocer, and that the potential for fraud is minimized throughout their transaction.
  • Posted on: 08/27/2021

    Do retailers need a chief data officer?

    Managing a retailer's technology stack and getting insights from its consumer data are two distinct needs requiring unique and different skill sets. While the technology may be a conduit for gathering and managing data, that's where the overlap starts and ends. For a CDO to be successful, the role must span departments -- from sales to marketing and finance to technology -- and be seen as one that empowers the digital-first thinking required for success across the brand. The role must have the budget, authority and resources needed to bring together departmental silos. And, it must empower these organizations by building data analytics skills across them that can help find meaningful insights and put them into action.
  • Posted on: 06/21/2021

    Amazon and its retailer rivals look to set Prime Day sales records

    As we saw during holiday periods throughout the last year, online traffic and revenue have reached new heights, with many retail e-commerce vendors seeing daily peaks throughout the year that surpassed previous Cyber 5 levels. It is likely that Prime Day will bring similar traffic spikes, so it is important that retailers prepare their infrastructure in advance -- both to handle legitimate traffic and to handle attacks. This is particularly relevant for smaller chains and independents: in the last year, more online merchants faced attacks as criminals expanded both into new verticals and attacked smaller businesses more frequently than before. Since a company’s website or web app has become the primary way for consumers to discover, shop and interact with a brand, it is critical that infrastructure and security are ready for whatever Prime Day may bring.
  • Posted on: 06/11/2021

    What distinguished e-commerce winners and losers during the pandemic?

    The retailers that fared best during the pandemic were those that were able to provide safe and effective e-commerce experiences from home page to checkout, and to extend their online experiences to curbside pickup and BOPIS. Online traffic surged above previous Cyber 5 rates and so did cybercrime: account takeovers comprised 85 percent of all login attempts in some months and gift card attacks were up from four to eight times during major U.S. holidays. Larger retailers had a head start because of more advanced e-commerce and supply chain infrastructure, though many had to accelerate their digital and omnichannel plans. Retailers that didn’t fare well should learn from those that did: safe omnichannel experiences and a focus on transparency and customer satisfaction will go a long way.
  • Posted on: 05/24/2021

    What are the greatest pain points for mobile checkout?

    Mobile checkout processes need to be simple and secure -- two factors which sometimes are at odds with each other. Digital and mobile teams want to minimize the clicks it takes to complete a purchase, while security teams want to make sure that the transaction is being performed by a real person, not a bot. Unfortunately attacks on checkout are among the most serious because they reach the stage of fraudulently attempting to purchase a product or service. As such, security teams often impose verification systems on transactions, requiring customers to identify pictures or type words that they see in a distorted graphic on the site. These systems can lead to frustration and high abandonment rates, particularly from certain demographics that are skeptical about online shopping to begin with or have trouble seeing the graphic. It is important that retailers keep security and ease in balance, perhaps using verifications that are simple for humans and hard for bots, and only requiring additional steps based on transaction size or change to the account -- such as delivery address or credit card -- to minimize disruption and maintain customer satisfaction and engagement.
  • Posted on: 03/17/2021

    Why is gaining meaningful insights from data still so hard?

    Creating a single view of customer data is the goal for organizations across business segments -- well beyond retail -- but this is easier said than done for three main reasons: silos, talent and skewed data. Unfortunately, customer data lives in many systems -- the CRM such as Salesforce, the loyalty system, the payment system and the website analytics tool. These systems are often owned by different groups which results in silos that are hard to work across and data that is difficult to correlate. Finding skilled data analytics talent is the next challenge. People, with the skills to correlate multiple data stacks and understand the right questions to ask to help a business get from data to insights, are hard to find. Skewed data -- particularly from websites and web applications -- is the final challenge. As e-commerce continues to be a primary channel for retailers, their website becomes a primary brand experience, with more traffic online than to most brick and mortar stores. But with human traffic comes automated bot traffic -- to scrape content pages, hoard inventory and try to take over accounts. Since many websites have over 50% of their traffic coming from automated bots, decisions about promotions, product popularity and campaign impact can lead to erroneous conclusions and over- or under-investment. So with these challenges, what's a retailer to do? First, empower a data czar to bring together the silos and give this role the budget, authority and resources needed. Second, invest in internal data analytics skill-building classes, and consider sponsoring programs with local colleges and universities to build a talent pipeline and feed internships and new hires. Finally, make sure that you have the right protection tools for your websites and web applications to ensure that you are making decisions based on data from people, not bots.
  • Posted on: 03/08/2021

    Does make sense as a separate business?

    Saks deciding to split their online and offline operations needs to be viewed from multiple perspectives. The primary driver is shareholder value and it is clear that the economics of the online business are different and much more positive than that of Saks' brick-and-mortar storefront. This has been particularly true in light of the pandemic where websites and web apps have become the primary way for consumers to discover, shop and interact with a brand. As a result online traffic and revenue have reached new heights, even as physical store revenue has slumped. So from a purely business perspective it makes sense. Looking at this from the eyes of the consumer, however, brings other thoughts to the fore. Consumers don't want to differentiate between an online brand and a physical store brand. There needs to be a handshake between the digital business and the physical store in order to keep things simple for the consumer -- for new interactions like buy online pickup in store (BOPIS) and for classic interactions like merchandise returns. Otherwise a retailer risks losing consumer dollars to a brand that does. I hope Saks keeps this top of mind. Ultimately, I see a blended or hybrid future -- with a seamless mix of online and physical interaction points. This is the omnichannel vision of many retailers and it will be interesting to see how this all plays out with Saks and others that may follow.
  • Posted on: 03/04/2021

    Are CTOs finally getting the respect they deserve?

    The relative importance of a specific C-level position varies based on the company, its strategy and its relative maturity, as does the scope and definition of a specific role. (Does it strike anyone else as interesting that this is about CTO/CIO -- they are different roles in MANY companies.) So it is not wise to paint everyone with the same brush. For companies that have been behind the digital eight-ball, it is logical that the CTO/CIO role has risen in importance as the pandemic has accelerated the need for digital-first thinking. For companies undergoing brand transformation, the CMO role is likely the most important. If a strategic change is in the works, then it is likely the CSO. And it is important to note that the skills highlighted as critical -- agility, collaboration, ethics -- are not positionally specific. So the long and short of it is that I believe this is a temporary shift and in a year or two from now, the market will have made another position "most" important!
  • Posted on: 02/25/2021

    Marketers are going online more and in-person less to gather research data

    Digital research solutions simplify and accelerate the ability for retailers and brands to get answers to questions that help them better serve their consumers and grow their businesses. But they may also benefit from the social media effect: the willingness of people to be more brutally honest about their impressions from the relative anonymity of a keyboard rather than an in-person discussion. That said, it will be important to maintain a balanced approach to research moving forward, using in-person where the topic is more organic and fluid, requiring a conversation, supplemented with digital where the topic is more discrete.
  • Posted on: 01/28/2021

    A digital first approach is essential to retail success

    Digital is the way business is done today. It was becoming a primary channel for many retail businesses, and those who were lagging were compelled to catch up as a result of the pandemic. It's important though, that being digital first doesn't merely mean taking your existing analog processes and digitizing them. It means rethinking the interaction with the consumer along their discovery and purchase process -- from home page to checkout -- and optimizing it. Thinking about the interaction between online and in-person -- or omnichannel -- will also be key. Perhaps most importantly, digital first means understanding that risks are different -- the digital world can be quickly upset by automated attacks and malicious code that are not present in the analog world -- and planning for it ahead of time. To move quickly, it's going to be important for retailers to find and embrace different talent -- people that are familiar with agile processes and digital thinking. This may mean looking for talent in new venues, and even teaching new skills to senior team members who rose through the in-store ranks, so they can effectively lead in the new digital normal.

Contact Kim


  • Apply to be a BrainTrust Panelist

  • Please briefly describe your qualifications — specifically, your expertise and experience in the retail industry.
  • By submitting this form, I give you permission to forward my contact information to designated members of the RetailWire staff.

    See RetailWire's privacy policy for more information about what data we collect and how it is used.