As global economies continue to battle the challenges brought on by COVID-19, millions of people around the world continue to work from home to help slow the spread of the disease. With local lockdowns happening across England, as part of a new three-tier restrictions strategy which has come into force, remote working is set to continue for some time.
The global nature of the pandemic is unlike anything we’ve seen in our lifetime. Many ‘regular’ disasters are regional – storms and earthquakes for example – so the prevailing thinking was it would be extremely unlikely that enough capacity would be required for a whole global team to work virtually. COVID-19 has upended this logic.
Many business continuity plans have needed to be rebuilt. Importantly, this highly unusual scenario has created unprecedented security challenges for business leaders. In fact, new research has found that nearly two in five UK employees could inadvertently be putting their employers at risk of a cyberattack while working at home, due to a lack of company-supplied information on the related risks.
Cyberattacks can have a heavy impact on brand loyalty today, especially amongst younger generations. With restrictions having been placed on almost every aspect of life at some point in 2020, people have become highly reliant on technology to help them cope. This dependence on online services, and the increasing amounts of data being shared digitally, is extremely attractive to hackers. Companies must ensure the availability of their services so they can adapt and continue to serve and protect customers under all circumstances.
Which cyber security flaws lose businesses the most market share?
In 2016, GDPR marked a watershed moment in the protection of personal data. It was complex, expensive, and universally applied to over 440 million inhabitants of EU member states, and other countries that send/receive data from the region.
Despite being an aspect of organisational regulatory compliance, GDPR is brought to the attention of every consumer in the EU each time they visit a new web page via a banner or pop-up window asking their permission to ‘accept cookies’. Perhaps deliberate, perhaps accidental, this small and repetitive task vicariously acts as a reminder to web users of the value their personal data holds.
The more data privacy becomes part of our cultural zeitgeist, the more likely it is for consumers to understand both the severity and consequences of apparent cybersecurity flaws in services. According to a recent survey of 2,000 UK consumers conducted by YouGov on the behalf of Sungard AS, businesses can expect to lose 43 percent of their customers if an online service suffered downtime as a the result of a cyber-attack, rising to almost three-quarters (72 percent) if the attack resulted in personal details being compromised.
Cyber security failures are now more damaging than IT failures
Whether it’s rolling news headlines detailing the latest high-profile breach at a major global organisation, or simply more complicated requirements for creating new passwords, cyber security imperatives are a fact of life for us all.
As awareness increases, a new precedent for both brand reputation and customer loyalty has emerged. According to the research referenced above, consumers are now more than twice as likely to stop using an online provider’s services if they were knocked offline by a cyber-attack (43 percent) than an IT failure (18 percent).
Downtime can be frustrating even at the best of times, but the results make clear greater cyber security awareness has now had a tangible impact on its tolerance among consumers.
Increased planning required
In today’s IT-driven business world, assessing technology risks is a critical part of business continuity planning in every company across every industry. This is especially true when it comes to cyber security, where even the smallest IT footprint provides attackers with a gateway to global supply chains, and the ability to wreak havoc on countless stakeholders.
While cyber security is a universal imperative of business resilience, there are certain industries in which the reputational damage of a cyberattack can be particularly impactful. Our research shows that organisations in the financial services industry are most at risk of losing their customer base, with over two-thirds (67 percent) of respondents claiming they would switch providers immediately if they became aware of cyber security flaws. The results also show home broadband and online retail service providers to also be in high-risk categories, with the potential to lose 64 percent and 58 percent of the customers, respectively.
Meeting new expectations
Businesses today face a landscape of disruption and rapid change due to the increasing use of technology at the heart of everything we do. Most importantly, we live in an ever increasingly interconnected world. When it comes to cyber security, this means that businesses must think less of what to protect and more about who to protect. And why.
Our research is a clear indication of public tolerance for data breaches decreasing. Ensuring the availability of services and protecting customers under all circumstances from the exposure of their personal details must be a priority for business leaders in all sectors.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.