The demographic breakdown of a recent poll of 6,500 consumers released by FireEye, Inc., which found that security breaches affect how consumers perceive and trust brands, and may have a longer term impact.
Slideshow images and graphs from Beyond the Bottom Line: The Real Cost of Data Breaches
Consumers have high expectations around data breach notification: On average, the survey found that 66 per cent of consumer respondents expect to be informed immediately of data breach occurring. For the vast majority (91%), it should be at least within 24 hours.
Most consumers are aware of the impact a data breach as on them, if only partially.
Data breaches do have an impact on consumer loyalty and perception, according to the survey. Close to four in 10 respondents say their perception of breached organizations has diminished.
The negative brand perception can be contagious, the survey says. One third of respondents now feel more negatively about organizations in general as a result of high profile data breaches.
The reasons for the data breach are also relevant to how consumers feel about the brand, the survey found. Around three quarters of respondents said they would be likely to stop purchasing with an organization if they found out that the theft of their data was due to a lack of board-level attention to security. Similarly, negligent data handling and negligent data protection would also be likely to drive them away.
Not surprisingly, there are legal ramifications for companies if a breach occurred, the survey found. Six in ten consumer respondents would take legal action against an organization if their details were stolen and used for criminal purposes as a result of a data breach, while 59 per cent would choose to leave the organization involved. Only 4 per cent of consumers surveyed would stay and take no action.
Given how data driven many companies are, they may want to pay attention to this stat: the survey found 70 per cent of consumer respondents would now give less personal information to organizations in light of recent data breaches, and only 30 per cent say they would give the same amount or more.
Ultimately, consumers take security seriously and it is a consideration when they make purchases, according to just over half (51 per cent) of respondents.
Data breaches affecting consumers are usually big news, but often the focus is on the short-term impact on privacy and immediate financial exposure of all involved. However, a recent study released by FireEye, Inc. found that security breaches also affect how consumers perceive and trust brands, and may have a longer term impact.
According to the study of 6,500 consumers worldwide across many demographics, two-thirds of respondents expect to be informed immediately if a data breach occurs, while not quite half – 46 per cent – report that they have a full awareness and understanding of the potential impact that a data breach can have. In addition, one-quarter of respondents believe their data would be less secure with an organization that has been breached compared to an alternative supplier, while 36 per cent say their perception of breached organizations has diminished, and a third now feel more negatively about organizations in general as a result.
FireEye SVP and CTO Grady Summers said the results confirmed what the company already knew: consumers trust brands less after a data breach. But more importantly, they are less likely to share information in the future, a stat that jumped out, he said, as so many companies rely on data for marketing and consumer targeting. “I think it might have longer term consequences than they realize.”
The study lays out what consumers say they would do in the event a brand they use regularly had a data breach, but it’s not certain they will necessarily follow through. Summers said it’s unlikely that a consumer will drive 15 minutes further rather than shop where it’s most convenient.
Consumers do have high expectations around data breach notification, the study found, as 90 per cent expected to be informed within 24 hours, which Summers noted isn’t all that reasonable, given how complex these breaches are and what goes on behind the scenes.
What struck Summers as interesting what that just over half consumers cite security as being important when making purchasing decision, so investing in security is more than downside mitigation for companies, but also a way to improve how their brand is perceived in the eyes of consumers, some of whom may be will to pay a little more for peace of mind.
He said the survey results are leverage for IT organizations making the arguments for investment in security technology and staff. “Hopefully it will help security organizations to take it beyond an IT discussion and bring it to the board level.”