A Ping Identity study has revealed that 78% of consumers would no longer use a retailer’s website if it had suffered a data breach.
Ping’s 2018 Consumer Survey, which polled more than 3,000 people across Europe and the US, also found that:
- 48% won’t sign up for an online service if the organization has recently been breached;
- 56% won’t accept an increased service fee in exchange for increased security protections; and
prioritise the protection of their personal information when using an online service.
By contrast, only 12% of people prioritise convenience, and 7% prioritise a personalised user interface.
The results show that the public is increasingly aware of the risks that come with sharing data, and that customers are quick to hold organisations accountable for security failures. If organisations can’t demonstrate their ability to keep information safe, customers will go elsewhere.
How can your organization reduce the risk and retain customers’ trust?
- Understand, align with and operate within the regulatory requirements of your industry. Whether that is the GDPR (General Data Protection Regulation), PCI DSS (Payment Card Industry Data Security Standard), Cyber Essentials or the NIS (Network and Information Systems) Regulations, compliance with regulatory frameworks will ensure you take the best steps to reduce the risk and enable you to respond effectively if you do suffer a breach.
- Train your staff. Human error remains a leading cause of data breaches, so creating a cyber security culture in the workplace is the best defensive strategy. Training can be classroom-based, but there are other options such as e-learning, in-house courses, or books for independent learning.
- Remain vigilant. Within the realm of cyber security, being a little paranoid is a healthy approach. No one is too big to be breached (as seen from the organisations that have recently hit the headlines), or too small. A 2018 survey of more than 1,000 SMEs (small and medium-sized enterprises) revealed that more than half are unprepared for cyber attacks, despite a quarter of them believing breaches are a matter of ‘when’, not ‘if’. The average cost for an SME to recover from an incident is about £90,000, so small organisations should invest in security measures to reduce risks.
No organization can easily survive losing 78% of its potential audience.
Our easy-to-integrate, Cloud-based tools – vsRisk Cloud, the Data Flow Mapping Tool, the DPIA Tool and Compliance Manager – help you identify your legal requirements, understand the data you process and conduct information security risk assessments in line with international best practice.
Suitable for organisations of all sizes, vsRisk Cloud is a leading information security risk assessment tool that delivers fast, accurate, auditable and hassle-free risk assessments year after year. Fully aligned with ISO 27001, it significantly cuts the consultancy costs typically associated with information security risk assessments, and helps protect your organisation from the penalties and financial losses associated with data breaches.
The Data Flow Mapping Tool simplifies the process of creating data flow maps, giving you a thorough understanding of the personal data your organisation processes and why, where it is held and how it is transferred.
The DPIA Tool walks customers through the six steps they must complete as part of a DPIA (data protection impact assessment). The tool also helps you determine quickly whether a DPIA is required, and ensures that you ask all the right questions.
Avoid spending significant time and money researching relevant laws and regulations for your organization with Compliance Manager. This software makes it easy to identify your legal and regulatory information security requirements.