SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Consumer tolerance of cyber attacks wanes as users wise-up about security
Thu, 30th Apr 2020
FYI, this story is more than a year old

70% of consumers across the world believe businesses are falling short of their obligation to protect user's data, and assume it has been compromised without them knowing it, according to new research from Arcserve released today.

The survey of nearly 2,000 consumers across North America, the UK, France and Germany indicates increasingly that if users deem businesses are not doing enough to safeguard their personal information, they will go to a competitor.

Perceived trustworthiness is also becoming more important for consumers as they become more educated on the risk of cyberattacks.

Almost 90% of respondents said they consider the trustworthiness of a business prior to purchasing a product or service, and almost 60% of consumers would likely avoid doing business with an organisation that had experienced a cyberattack in the past year.

Consumer tolerance of cyber-attacks against organisations they were previously loyal to is fast fading, with the study finding that a quarter of respondents would abandon a product or service in favour of a competitor after a single ransomware-related service disruption, failed transaction, or instance of inaccessible information.

Additionally, 66% of respondents cited they would turn to a competitor if an organisation couldn't restore systems and applications within three days following a cyberattack, and over a third of those would be willing to switch after a mere 24 hours of waiting to access their information or make a transaction.  

Some industries are at more risk than others of the plummeting will of consumers to put up with cyber-attacks.

Banks and security providers are under immense pressure to keep attacks at bay, with almost half of respondents reporting that they would abandon them immediately upon experiencing a ransomware-related event which prohibited them from transacting or accessing information.

While organisations with shoddy security landscapes may not survive, Arcserve says the businesses taking cybersecurity seriously could benefit from increasing public awareness on security issues.

The study indicates that over half of respondents would be willing to pay more for products and services they believe to be more reliable and secure in the banking and securities industries, and over 40% would pay more if they believed products and services were more secure from companies in the healthcare, insurance, and retail categories. 

“Consumers are clearly already hesitant about working with companies hit by cyberattacks, and they just won't tolerate disruption as businesses figure out recovery and remediation plans after-the-fact,” says Arcserve chief technology officer Oussama El-Hilali.

“The findings represent a stark warning for all organisations given that one in four of their customers will be gone immediately upon disruption, with many more losing patience within 48 hours.

“Businesses must do more to ensure they're protecting their data from cybercriminals and mitigating the chance they'll experience extended downtime,” says El-Hilali.

“We recommend a two-pronged approach where cybersecurity, backup and disaster recovery are deeply entwined.”