IT Security

Consumer attitudes to hacking

by Mark Rowe

Three out of four adults in the UK would stop doing business with, or would cancel a membership to, an organisation if it was hacked, according to a study from Centrify, a cyber security product company.

The study of 2,400 people across the UK, Germany and the US, looks at consumer attitudes to hacking and how likely consumers are to continue transacting with businesses, including retailers, banks, government, travel, health and hospitality firms, after a cyber attack.

To some degree, most consumers expect to be hacked, with 73 per cent in the UK admitting that it has become normal or expected for businesses to be hacked. Despite this, only half feel that they are taking enough responsibility for the security of their customers’ or members’ personal information.

Most people believe that the burden of responsibility for security falls to the business. About two-thirds in each country rated organisations as a nine or ten on a 10-point scale in terms of how responsible they should be for preventing hacks and securing the personal information of their customers. Those most likely to take their business elsewhere following a data breach include those who have had their personal information compromised in a hack previously, people who are tech savvy and who shop regularly online.

Bill Mann, Chief Product Officer at Centrify, says: “If three-quarters of customers are prepared to walk away from a business if it has been compromised, then what kind of message is this sending to those organisations? We would say that it is a very clear call to action to those businesses to sort out their processes and do everything they can to protect confidential customer information.

“When companies put customer data at risk they are really putting their entire business at risk. People simply will not tolerate doing business with potentially risky organisations, so it’s time for them to take full responsibility for their security and put the proper measures in place once and for all,” Mann adds.

Good and bad

According to the survey, financial institutions have the best reputation when it comes to dealing with security breaches compared to other sectors. They top the list of seven industries in terms of how well they handle security issues for their customers, although government/local government and HMRC come in a respectable second. Worryingly, retailers rank fourth and travel sites fifth in each country, while membership and hospitality businesses are the lowest ranked.

The study also shows that organisations are increasingly going public with news of security attacks and data breaches, often notifying their customers directly. Around one third in the UK have been notified of a hack. Of those notified of a hack, less than half (45 per cent) of those in the UK found out that their personal information, such as an address or credit card information, had been compromised.

Monitoring bank transactions and changing passwords – both with the hacked organisation and on other sites – are the most common steps suggested by organisations after advising customers of a hack. It is less common for a business to recommend that customers request any kind of alerts, such as a fraud alert, or to consider a security freeze, or implement multi-factor authentication.

The Centrify study can be found at: www.centrify.com/identity.

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing