Consumers have spoken: According to new data, the majority of your organization’s customers won’t do business with you after a data breach and expect you to pay to protect their personal information.
With so many news stories on data breaches, and with record numbers rising to unimaginable counts, the default position for organizations today should be "when" we have a data breach, not "if."
Lots of new laws are popping up to protect consumer information, such as the General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI DSS), the California Consumer Privacy Act (CCPA), and the Ohio Data Protection Law. This puts your customers' information squarely in the sights of compliance mandates designed to keep it safe.
In addition to compliance fines resulting from a breach, new survey data from identity management vendor Ping Identity shows the repercussions from a data breach will cost the organization much more.
According to the consumer-focused report, the attitude among your customers towards your organization should you have a publicized data breach is pretty dismal:
- 78% of existing customers would stop engaging with your brand online
- 49% of new customers would not sign up to use your brand
These staggering stats mean material impacts on the organization, possibly putting some out of business.
Between customer concerns and compliance mandates, organizations must take a proactive stance to ensure the protection of customers' personal information. Putting policies, processes, and people in place to address the governance, risk, and compliance auditing needed to keep protected consumer data secure is key. By auditing controls around protected data, organizations minimize the risk of breach – and avoid the potential fines and customer fallout that can follow.