Several very public data breaches - think Ashley Madison and TalkTalk - cost businesses millions of pounds in 2015, but that's just the beginning.
Aside from the financial hit, reputational damage can also have a huge impact on a company's bottom line, especially for smaller organisations. And once customers have lost faith in your business, it can be exceedingly difficult to get it back.
To delve a bit deeper into the decline of consumer trust following several high profile data breaches over the last 12 months, we spoke to Greg Hanson, vice president of business operations for EMEA at Informatica.
- Just how much of an effect have the data breaches in 2015 had on consumer trust?
As a result of the soaring number of security breaches hitting the headlines over the past year - from Moonpig to Greenwich University - consumers are increasingly wary of handing over their data to organisations.
Recent research looking into the State of the Data Nation found that nearly three quarters of UK consumers are concerned about the level of personal data shared with brands online. As a result, over half of UK consumers are reclaiming access and plan to share less data over the next three years, while a third claim nothing could incentivise them to share data at all. Customer trust has clearly been severely damaged by the impression that businesses are simply not able to prevent personal data from getting into the wrong hands.
- What lessons have been learned from 2015 around data security?
Organisations have learnt that it’s not a question of if, but when their data will come under attack. To mitigate against this, they need to adopt a data-centric security programme that enables them to track and trace the proliferation of data across the business. As a result, they will be able to ensure the right measures are in place to protect personal data effectively, meet regulatory demands and address security concerns.
Of course, data security isn’t just a question of defending against threats, but also about being able to isolate, repair and respond to an attack when it happens. As part of this change in mentality, transparency and communication with the customer is key. Businesses can’t simply sweep data security concerns under the carpet and hope for the best. Instead their approach should be focused just as much on keeping customers informed as it is on preparing for and responding to a breach.
- What should organisations be doing to help persuade users that their personal information is safe?
The key point here is relationships. Reassuring customers and building trust in the long-term will be determined by the proactive steps to be more transparent about data usage. Taking the time to listen to what customers want, then responding quickly and appropriately is one of the most effective ways in which companies can build consumer confidence. Making it clear where customer data resides and what policies have been put in place to regulate the handling of this data is also important to regaining and keeping consumer trust.
Social media is a great tool for companies looking to do this. Consumers show little restraint in vocalising their demands online for how they want their data stored, archived or deleted. Organisations would do well to engage with these demands and communicate on how they aim to meet customers’ needs.
- How much of an effect do you think the new GDPR will have when it comes into force?
As stricter EU data regulations are enforced in the coming months, compliance will become a trust marker for consumers. Businesses which are unable to meet regulations will find it hard to prove to consumers that their data strategies are sufficiently strong.
On top of that, organisations are going to face much harsher penalties - if they get it wrong, a breach of regulations could result in a fine of up to 4 per cent of global revenues, a sum that could seriously damage business viability. As a result, companies need to ensure they are rolling out a comprehensive and adaptable security regime, in order to avoid falling foul of the evolving regulatory landscape
- What tips would you offer to businesses looking to improve their data governance and security?
Companies need to know where personal information is being held within their network – whether it’s in the cloud or on-premise servers. From there, organisations can track any data movement within and outside of the corporate network. Only then can they ensure that it is secure.
Businesses also need to compete on customer service rather than price when it comes to improving data governance and security. As new data breaches come to light over the next year, the organisations who succeed in delivering a superior data protection and breach resiliency service, will be the ones to master their data security strategy in the eyes of consumers.
- What trends do you think we'll see in 2016?
2016 will mark a turning point for consumer buying behaviour. With products and services becoming increasingly homogenous, consumers will make more choices based on trust and customer experience. Data security is a huge differentiator when it comes to building loyalty and trust.
However, simply having a cyber security system in place to tick corporate boxes is no longer enough: transparency and communication will be at the heart of building consumer confidence.
Image Credit: Shutterstock/xtock