Clearly it is embarrassing, and we’ve all heard about the huge fines that have been imposed on some organizations following a data breach, but what is the long term impact of such an event? A study conducted by Thales e-Security has showed that the vast majority of people would reduce or eliminate the use of an organization’s products or services following a data breach, and only 16% of respondents would continue to use an organization’s products or services as usual.
According to the UK-based study, one in five people (20%) would withhold custom altogether from an organization that had been breached, while over a third (37%) stated they would only use their products and services if there were no other alternatives.
This major rejection of organizations that have been breached demonstrates why business continuity professionals are concerned about this type of threat. In fact, the Business Continuity Institute’s latest Horizon Scan Report identified data breach as the number two threat (after cyber attack) with 80% of respondents to a global survey expressing concern about the possibility of such an incident occurring.
“It’s important for firms to recognise just how much of their customer base might be lost in the wake of breach incidents,” said Sol Cates, vice president of technology strategy at Thales e-Security. “With more than half of respondents saying that they would either immediately stop using an organization’s products or services altogether, or use them only if they have no other choice, effective security controls specifically placed around data to prevent and minimise damage from data breaches become an absolute requirement.”
The survey also questioned respondents on what they would be most concerned about following a breach of their personal information. Nearly half (46%) stated that money being stolen from their bank account was the main concern, while two in five stated that it was having their identity stolen.
“The theft of money from someone’s bank account as the result of a breach is a very tangible fear, but realistically it is much less likely than other outcomes,” continued Cates, “The implications of identity theft should pose far more of a concern, as they can be extremely painful and long lasting, with clean-up from incidents taking months or even years, and having long term effects on using and obtaining credit when it is really needed. Once your data is ‘in the wild’, your life is never the same.”