[BreachExchange] What Consumers Think About Businesses Post–Data Breach

[Audrey McNeil]

http://customerthink.com/what-consumers-think-about-
businesses-post-data-breach/

Over the past few years, hundreds of businesses have suffered the ultimate
technology failure: the data breach. Even enormous companies, such as
Target, eBay, The Home Depot, and JP Morgan Chase, that claim more than
enough profits to erect an all-but-infallible security system suffered the
shame of cyber insecurity as millions of customer accounts were leaked and
personal information spread around the web.

Though some businesses might recover from a data breach, believing their
technological snafu to be little more than an embarrassing blunder, the
truth is that data breaches have a lasting impact on brands’ reputations
and consumer opinions. It is important to understand how the customer’s
experience changes after a data breach ― and to protect one’s business
against cyberattack so such disastrous effects never happen again.

Loss of Consumer Trust

As soon as news of a business’s data breach is made public, consumers lose
trust in that business. Individual consumers have supreme power over a
business, and when they lose trust due to a business’s insecurity, they use
their power to support a business’s competitors.

For example, after one of the most infamous data breaches in history,
Target’s sales fell by 46 percent in the fourth quarter of 2013 ― which
amounted to a loss of more than $200 million in profits. Such a loss in
available cash is undoubtedly devastating, especially when a business is
overspending on efforts to move past the data breach, such as engaging
legal teams to prosecute cybercriminals, contracting security firms to
rebuild protections, and enhancing PR efforts to regain consumer trust.

Almost regardless of what kind of data is leaked, whether it is related to
customer information or not, consumers are unlikely to do business with
such insecure companies. If personal data, such as credit or debit cards,
phone numbers, or addresses are lost, more than 86 percent of consumers are
unlikely to buy from that company again. The immediate loss of consumer
trust is exceedingly detrimental to a business’s short-term and long-term
profits.

Long-Term Damage to Brand Reputation

After much of the scrambling that occurs immediately post–data breach,
businesses tend to return to operations as usual. Stock prices recover and
growth might resume ― but consumers rarely forget. A data breach is as
injurious to a brand’s reputation as poor customer service or environmental
disasters, like the Exxon Valdez spill that still mars the brand’s name 27
years later. A data breach remains in the public consciousness for years,
corrupting brand image and lowering sales.

However, it is important to note that not all data breaches are equally
damaging. One study found that breaches that compromised customer
information diminished a brand’s value by as much as $332 million, while
the hacking of employee or business data was less important to consumers,
devaluing a company by only about $180 million. Therefore, businesses
should strive to protect customer data first and foremost if brand image is
important to their sales.

Techniques for Mitigating Harm

Unsurprisingly, the primary way to avoid damage due to data breach is to
avoid them altogether. Businesses and private individuals should secure all
connected devices with appropriate maximum security software, which will
protect data from all sorts of intrusions. Even after a data breach has
occurred, reestablishing security through security software should be a
high priority, and businesses should partner with reliable cybersecurity
firms for the best protections.

Many cybersecurity experts suggest that the breach itself isn’t what causes
consumers to question a company’s reliability; rather, it is how the
business reacts to the breach that indicates how long it will survive after
the hack. Thus, it is vital that companies prepare proactive responses to
alleviate negative consequences of a breach. As yet, there is no
tried-and-true formula for regaining trust and reputation post–data breach,
but being honest about losses, explaining plans for remuneration, and
having a strong marketing plan should earn consumers’ patronage, if not
necessarily their confidence.

Cybersecurity isn’t only vital for private individuals or businesses; even
governments are learning the importance of advanced security protocols. In
the coming years, the number of annual data breaches is likely to increase,
and thus public faith in businesses might recede. To survive the oncoming
storm, businesses must be prepared ― with defenses as well as plans of
attack ― to salvage positive consumer opinion.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170120/d2ad4688/attachment.html>