A report from Arcserve indicates that consumers are likely to avoid conducting business with an organisation that has experienced a cyberattack. It further reveals that consumers will not tolerate ransomware-related service disruptions or security breaches and will turn to a competitor after a single failed transaction or instance of inaccessible information.
Arcserve Southern Africa has revealed the results of research conducted by Arcserve, a data and ransomware protection provider. The research aimed to measure how cybercrime influences purchasing behaviour and brand loyalty.
It found that while most consumers are taking necessary security precautions to protect their online accounts, businesses may not be doing enough to protect their information – inadvertently driving sales to competitors that can.
The survey of nearly 2,000 consumers across North America, the United Kingdom, France and Germany, found that 70% believe businesses aren’t doing enough to adequately secure their personal information and assume it has been compromised without them knowing. As consumers become more educated and cyberattacks become well-known, perceived trust becomes more influential in their purchasing decisions, with the study also finding that:
- Nearly nine out of 10 consumers consider the trustworthiness of a business prior to purchasing a product or service
- 59% of consumers would likely avoid doing business with an organisation that had experienced a cyberattack in the past year.
These findings suggest businesses must manage uncharted challenges with the rise of cybercriminals now making breaches public, regardless of ransoms paid.
Cyberattacks have arguably become the largest business threat, however, the quantifiable impact on consumer behaviour has not been widely understood. The study found that one in four consumers will abandon a product or service in favour of a competitor after a single ransomware-related service disruption, failed transaction or instance of inaccessible information.
It also found that tolerance for these events quickly deteriorates, with:
- Over 66% of respondents citing they would turn to a competitor if an organisation couldn’t restore systems and applications within three days following a cyberattack
- Over a third of those would be willing to switch after a mere 24 hours of waiting to access their information or make a transaction
Moreover, the potential damage doesn’t stop during or shortly thereafter a cyberattack event. More than eight in 10 respondents admit to sharing their negative, ransomware-related experiences with family, friends, or colleagues, posting about their experiences online or emailing about the incidents.
While the report concludes that consumers are generally intolerant of cyberattacks, there are a few industries where businesses are under even more pressure to keep data secure and operations running.
The survey found that:
- Nearly half of consumers would walk away from their banking or securities provider immediately upon experiencing a ransomware-related event which prohibited them from transacting or accessing information
- 43% would immediately seek out a competitive communications product or service
While there are many negative ramifications caused by cyberattacks, businesses that take proactive steps and mitigate ransomware quickly will benefit in the long run. Over half of respondents would be willing to pay more for products and services they believe to be more reliable and secure in the banking and securities industries, and over 40% would pay more if they believed products and services were more secure from companies in the healthcare, insurance and retail categories.
Byron Horn-Botha, Arcserve Southern Africa Lead: Channel and Partnerships, said the trends displayed in this international survey are also relevant to the South African market.
“The survey results deliver a stark cautionary message to all businesses to prioritise cybersecurity and Disaster Recovery (DR) plans or lose customer loyalty and trade. Arcserve recommends a two-pronged approach where cybersecurity and DR are strategically interlinked in business operations,” Horn-Botha said.