A new study indicates there is a high level of disconnect between consumer trust over how organizations handle personal data, and how those companies perceive being equipped to fully protect that data.The latest report from CA Technologies shared insight from consumers, cybersecurity professionals and business executives views about digital trust. This study, which was conducted by analyst firm Frost & Sullivan, digs into how consumers trust organizations to protect their digital data. The study also shares more information about how companies view their responsibility over protecting consumer data, how they share that data with third parties and the technologies they use to protect consumer privacy.“In today’s digital world, consumers expect security and privacy to go hand-in-hand with a great user experience. The study clearly shows that trust is fleeting if organizations don’t do their due diligence to protect consumer data from getting into the wrong hands,” said Mordecai Rosen, general manager of Security at CA Technologies.
“Now, more than ever, organizations need to understand that success in the digital economy requires that they embrace a security-first mindset – a key tenet in our Modern Software Factory model. A loss of digital trust has implications on all aspects of a business and brand perception, so organizations owe it to their customers and shareholders to get it right.”
The survey results indicate that there is a gap between how organizations view their responsibilities on data stewardship and consumer expectations around how organizations protect consumer data.
What the study revealed:
- Data breaches greatly impact customer loyalty: Nearly half (48%) of consumers said they have stopped using services of an an organization post-breach. Nearly half of those consumers were impacted by the breaches.
- Consumer and business decision makers have different perceptions about trust: There was a 14-point gap between how consumers and business decision makers/cybersecurity professionals think about how breaches impact trust.
- Consumers are lukewarm about sharing personal data: 49% of consumers said they are willing to provide their personal data in exchange for digital services.
- Data breaches are still running rampant across organizations: 48% of those surveyed said their business has been involved in a publicly disclosed consumer data breach.
- Organizations may be overly confident: 90 percent of organizations claim that they are very good at protecting consumer data
- Many businesses sell consumer data: 43 percent of business executives admit to selling consumer data that includes personally identifiable information (PII).
- Cybersecurity professionals aren’t always kept in the loop: Just 15 percent of cybersecurity professionals said they knew that their company was selling data containing PII.
“We are at a crossroads in the information age as more companies are being pulled into the spotlight for failing to protect the data they hold, so with this research, we sought to understand how consumers feel about putting data in organizations’ hands and how those organizations view their duty of care to protect that data,” said Jarad Carleton, industry principal, Cybersecurity at Frost & Sullivan, said in a news release.
“What the survey found is that there is certainly a price to pay – whether you’re a consumer or you run a business that handles consumer data – when it comes to maintaining data privacy. Respect for consumer privacy must become an ethical pillar for any business that collects user data.”
The Digital Trust Index for 2018 showed a consumer confidence score of 61 out of 100, which indicates a wavering trust from consumers about how organizations are able to fully protect their data. This score was based on how much consumers were willing to share their data, and how confident they were in how organizations protect that data.
As for how organization can mitigate these risk, some tips include:
- Implement advanced data breach detection technology
- Respond to breaches quicker to get ahead of the problems
- Alert customers when a breach is detected
- Be proactive with security measures
- Have stricter policies for sharing user data
- Reduce privileged user access
- Implement continuous user authentication technologies
- Adopt better cybersecurity and privacy controls