Data breaches are eroding consumer trust

The Institute of Customer Service (ICS) has revealed the results of research into consumer opinion of organisations in the aftermath of data breaches. 

Its findings suggest that society has conversely become both more accepting of cyber attacks ‘as a part of life’, but also less trustworthy of organisations that have been breached.

The survey of 1,000 consumers found that businesses have more work than they might think in restoring consumer trust following a data breach. More than three-quarters of respondents now believe organisations will “never be able to protect their data” again, while 25% said that nothing could restore their trust after a breach.

83% also said they wanted to see the Government imposing stricter fines for when safeguards were not implemented.

The research was undertaken as a result of a number of recent high-profile data breaches in the UK, culminating in telco provider TalkTalk experiencing a website attack that left around 4m customers having their personal and financial details compromised by hackers.

TalkTalk’s laboured response to the hack was heavily criticised, and the ICS’s CEO, Jo Causon believes much of consumer trust erodes as a result of an organisation’s customer communications in the aftermath of a breach, as opposed to the breach itself:

“Acceptance of the inevitability of cyber attacks may be a reality, but British consumers have become increasingly concerned about the way organisations use customer data and protect it, once a breach has happened,” she said.

“The fact is that a customer’s experience is determined not just by performance when things go well, but the promise of performance when things go wrong.  That’s why the organisations best able to deliver a strong, reassuring and detailed outline of their cyber strategy and demonstrate its execution will set themselves apart from their competitors and go a long way to securing the loyalty of customers in the long-term.”

Research from Data Compliant says that 81% of large organisations and 60% of SMES experience data breaches each year, and the cost of a breach to a large organisation averages between £600K to £1.15M (and between £60K and £115K for an SME).

Such is the expense to the business, both financial and reputational, that Causon agrees with the growing argument that data breaches should no longer be seen as purely an IT-based concern:

“It’s too easy to suggest that cyber security and knowledge of how an organisation protects its customers’ data is the domain of the IT team.  Good customer service means that any employee should be able to answer any query because, in today’s relationship economy, a consumer can come into contact with many different members of staff and they all need to be fully prepared.

“Of course, security cannot be wholly delegated by the consumer but any failure to prepare post-breach policies will have a significant impact on the bottom line of UK plc. We have already seen how a company’s share price can be affected by an attack, but the way it is handled from a customer service perspective is what will have the biggest impact on the long-term financial health of a business. Transparency, speed of notification and consistent communication will be crucial if businesses are to regain the trust that will be lost from having customer data compromised. A failure to do so will be disastrous for the business.”