This year's SC Magazine Guarding Against a Data Breach Survey revealed some interesting facts around the stressors that information security leaders shoulder, though. Yes, regulatory mandates still drive a lot of action among them and, yes, possible negative impact to the brand is a major worry for most, but, interestingly, customer demand has become another significant force.
Consumer influence likely will remain or grow even more intense, too, some experts believe. According to last year's Data Breach survey, 36 percent of the 217 respondents noted patrons as a main driver behind their shoring up of data security compared to this year's higher impact of 41.4 percent. Also, concerns over profit loss – a direct result of customers and investors losing faith in a breached organization's ability to act as a sound shepherd of personally identifiable information (PII) – remained largely constant year over year at about 40 percent.
“Customers nowadays demand corporate responsibility in terms of transparent operations and accountability,” explains Stephen Fridakis, chief of the IT programs and quality assurance division of IT solutions and services (ITSS) at UNICEF. “The policies that a company employs, including discrimination, labor practices and others, as well as the operational transparency that it uses, sustains customer demand.”
Others, though, dispute the power that customers – and the potential resulting profit losses – have on pressing a company to bolster its information security programs. “Customers returned in droves to TJX,” says Rufus Connell, VP of information and communications technology at research and consultancy firm Frost & Sullivan. “I do not see customers voting against insecurity with their wallets. I still see customers being apathetic.”
It's true, some folks still shop at joints that may have compromised their PII. But, as major breaches continue, buyers will become less blasé about how businesses handle their data. At a time when consumers are watching every penny leaving their wallets, the trust and confidence they develop for companies is prime. To illustrate this, last year's Javelin Identity Fraud Report found that when credit card fraud occurs, about 15 percent of all customers leave their credit card provider and some 17 percent leave their bank or credit union. Another 40 percent experiencing debit card fraud seek out another supplier.
Some purchasers still might find talk of how companies are securing their data a bore. That's beginning to change, however. These still might be the days when it rains, not pours, but take a lesson from Bowie and Freddie Mercury: They're bound to come.
Illena Armstrong is editor-in-chief of SC Magazine.