One of the biggest problems a data breach creates for companies is the loss of consumer trust that follows. That loss of trust means lost customers and an effort on the company’s part to regain trust in order to keep the customers it still has. Regaining and keeping consumer trust can be a challenge when CEOs aren’t pushing for holistic security measures.
Proving security involves many aspects of how a company handles, sends, stores, and uses data. One of the first ways companies can show they care about the data their customers share with them (before or after a breach) is by meeting compliance requirements such as GDPR.
A survey by Janrain reveals that the key to regaining consumers’ trust and forgiveness after a breach is transparency about the breach event and the response to it. Also worth noting from the survey: even though consumers would forgive the company that was breached, that doesn’t mean they would remain open to sharing their data. This is where legislation such as GDPR and CCPA plays an important role in how far consumers trust a company with the data they hand over.
Another interesting statistic from Janrain’s survey is that 71% of consumers say they have downloaded software that helps them protect their data privacy, and 66% of consumers believe the US government should introduce legislation similar to the EU’s GDPR.
This shows how much both data privacy and security matter to consumers, which is why the two go hand in hand when the company’s executive team (CEO, CIO, the board, etc.) discusses cybersecurity steps and overall posture.
CEOs and the board usually pursue compliance to avoid costly fines. If the CIO brings customer trust into the conversation, it can help make the case for meeting compliance regulations, and for more than that.
Because customer trust revolves around customers’ data, this framing helps the CIO show the CEO and the board that chasing compliance, rather than securing the crown jewels (the data), is not going to keep customers or their trust, or reduce the chances of a breach or the costs that follow one.
As customers continue to voice concerns about data privacy and the handling of their personal data, and as governments respond with legislation such as GDPR or CCPA, businesses are going to have to start taking steps that go beyond minimum compliance needs.
Let’s talk about how to go beyond compliance so you can secure the crown jewels (data) and address your customers’ data trust concerns. When a company puts a holistic cybersecurity posture in place, it also has steps ready to regain and keep customer trust in the event of a breach, thanks to the transparency that comes with the right incident response plan.