Who would you trust after a data breach?

Despite the popular press view of bankers it seems that the vast majority, over 86% would trust their bank to hold personal data securely online. However that trust is not as solid as you might think. When asked what would happen if a bank had a data breach just under a quarter would go elsewhere while 44% would stop using until the problem was fixed.

There is a caveat to these numbers as the question conflated an attack on both retailers and banks. As such these numbers might be overstated for the banks leading to more trust than it appears.

Healthcare providers are unsurprisingly high on peoples trust index. After all they hold vast amounts of very personal data on us. The challenge is that the healthcare industry is being courted by insurers to release more data for them to analyse ostensibly to tune policies. The fear is that it will end up hitting premiums. With the rise in healthcare data breaches in the US likely to be seen in the UK next year, this is something that will also have to be revisited.

Insurance companies are also high on the trust index at 69%. Interestingly the Financial Conduct Authority (FCA) has issued a call for input around how the industry uses big data and analytics. Depending on the results and actions taken, this could have a significant impact on trust of insurance companies. It will be interesting to see the results if this survey is conducted after the FCA reports.

What is equally surprising is the level of trust in online retailers. After all the breaches over the last year over 66% are still willing to trust retailers with their personal details including credit card numbers. Of course, the same caveat applies above here as to when they suffer a breach and the number of customers they would lose temporarily and permanently.

So what about the most distrusted? 202 people said that they would not trust anyone to hold their personal data securely online. This is no surprise and it would be interesting to know if these are people with technology or security backgrounds. The reality here is that anyone can be hacked and the more you want people to use your site the greater the risk of a data breach.

The most distrusted were dating sites with 448 people saying ‘not a chance.’ Its not just the Ashley Madison debacle that is the issue here but the fact that these sites hold such very sensitive and personal data. Almost as despised as dating sites when it comes to personal data are social networks. The irony here is the amount of data people willingly give up and the refusal of the main sites to tighten the rules around what data app developers can obtain.

Fake sites top the list of reasons to not go online

Fakes sites at 69% and concerns over data privacy and safety at 66% top the reasons to avoid using online sites. Despite the attempts by browser vendors and security companies to detect fake sites and warn users through the browser bar or with a message it is surprising that so many still see this as such a big issue.

59% find websites hard to navigate and it would be interesting to see exactly how many of those were among the 33% that prefer to walk into a store. There is certainly a well recognised problem of people standing in stores and checking prices online. Foyles on Charing Cross Road asked people not to do this as far back as five years ago but it still goes on. However with one third of people still preferring a store that is good news for the high street.

Personal data and identify theft are the reasons that people cite as threats to their privacy online. This is not surprising as both get a lot of attention. Cyber bullying is seen as a very low risk but that could be because only 20% of the respondents were aged 18-29. Doing this survey in an inner city school would probably deliver different results here and it would be interesting for NTT COM Security to consider widening the age group to include those who are the most aware of the Internet but also the least likely to deal with security.

Conclusion

This is a survey that will concern retailers in the lead up to the biggest sales period of the year.  If shoppers do decide to move away from the Internet and head to stores, many retailers will be unable to accommodate them.

However shopping in store is no protection either. The rise of point-of-sale (POS) breaches is accelerating. The emergence of the most sophisticated piece of POS malware, ModPOS as reported by iSight Partners, threatens carnage among retailers who get infected.

All of this is bad news for the majority of shoppers who still don’t take the most basic precautions when using an ATM machine. This Christmas promises to be a great one for hackers and online criminals and one where retailers are not just battling for sales but to keep their reputations intact.

LEAVE A REPLY

Please enter your comment!
Please enter your name here