78% of customers won’t go back to a breached organisation

A Ping Identity study has revealed that 78% of consumers would no longer use a retailer’s website if it had suffered a data breach.

Ping’s 2018 Consumer Survey, which polled more than 3,000 people across Europe and the US, also found that:

  • 48% won’t sign up for an online service if the organisation has recently been breached;
  • 56% won’t accept an increased service fee in exchange for increased security protections; and
  • 59% prioritise the protection of their personal information when using an online service.

By contrast, only 12% of people prioritise convenience, and 7% prioritise a personalised user interface.

The results show that the public is increasingly aware of the risks that come with sharing data, and that customers are quick to hold organisations accountable for security failures. If organisations can’t demonstrate their ability to keep information safe, customers will go elsewhere.

How can your organisation reduce the risk and retain customers’ trust?

  • Understand, align with and operate within the regulatory requirements of your industry. Whether that is the GDPR (General Data Protection Regulation), PCI DSS (Payment Card Industry Data Security Standard), Cyber Essentials or the NIS (Network and Information Systems) Regulations, compliance with regulatory frameworks will ensure you take the best steps to reduce the risk and enable you to respond effectively if you do suffer a breach.
  • Train your staff. Human error remains a leading cause of data breaches, so creating a cyber security culture in the workplace is the best defensive strategy. Training can be classroom-based, but there are other options such as e-learning, in-house courses, or books for independent learning.
  • Remain vigilant. Within the realm of cyber security, being a little paranoid is a healthy approach. No one is too big to be breached (as seen from the organisations that have recently hit the headlines), or too small. A 2018 survey of more than 1,000 SMEs (small and medium-sized enterprises) revealed that more than half are unprepared for cyber attacks, despite a quarter of them believing breaches are a matter of ‘when’, not ‘if’. The average cost for an SME to recover from an incident is about £90,000, so small organisations should invest in security measures to reduce risks.

With more than 40% of UK businesses experiencing some form of cyber security attack or data breach in the past 12 months, it’s easy to see why organisations are looking to invest. However, when building your business case for investment, don’t forget to consider the potential long-term damage a breach could cause to your brand and the human instinct to withdraw from danger. No organisation can easily survive losing 78% of its potential audience.

How Vigilant Software can help

Vigilant Software aims to make data protection, cyber security, information security and risk management straightforward and affordable for all. Drawing on our years of experience developing and deploying risk management tools and services, our products reduce the complexity of your implementation project.

To request a free seven-day trial of any of our tools, please click here.

Our easy-to-integrate, Cloud-based tools – vsRisk Cloud, the Data Flow Mapping Tool, the DPIA Tool and Compliance Manager – help you identify your legal requirements, understand the data you process and conduct information security risk assessments in line with international best practice.

Suitable for organisations of all sizes, vsRisk Cloud is a leading information security risk assessment tool that delivers fast, accurate, auditable and hassle-free risk assessments year after year. Fully aligned with ISO 27001, it significantly cuts the consultancy costs typically associated with information security risk assessments, and helps protect your organisation from the penalties and financial losses associated with data breaches.

The Data Flow Mapping Tool simplifies the process of creating data flow maps, giving you a thorough understanding of the personal data your organisation processes and why, where it is held and how it is transferred.

The DPIA Tool walks you through the six steps you must complete as part of a DPIA (data protection impact assessment). The tool also helps you determine quickly whether a DPIA is required, and helps ensure that you ask all the right questions.

Avoid spending significant time and money researching relevant laws and regulations for your organisation with Compliance Manager. This software makes it easy to identify your legal and regulatory information security requirements.

And coming soon is GDPR Manager, your four-in-one compliance solution for managing your GDPR activities with one tool. It enables you to assess your data protection practices and manage some of the more arduous elements of GDPR compliance, such as recording and reporting data breaches, handling subject access requests and determining whether third parties have suitable measures in place to protect personal data.

Find out more

To learn more about our tools and protecting your organisation from a data breach, watch our short introductory videos: vsRisk Cloud, the Data Flow Mapping Tool, the DPIA Tool and Compliance Manager.


*** This is a Security Bloggers Network syndicated blog from Vigilant Software Blog authored by Nicholas King. Read the original post at: