By Troels Oerting and Elena Kvochko
Whether business owners already recognize it or not, trust has become one of the key parts of the product strategy and the product itself. For cloud, financial services, IoT-related, and even retail industries, trust is a way to gain and retain customers. The “formula” for trust, in our view, consists of core components, such as security, privacy, convenience, and speed to market. Without trust of customers, employees, shareholders, and stakeholders, many industries will have a harder time maintaining competitive positions in the market. Security, privacy, convenience, speed to market must be part of the end to end vision for the product, as more and more companies deliver their products and services online.
Concerns about security start to directly affect spending behavior of individuals. In the US, for example, consumers concern about cyber security have risen by 20%, just over the course of a year. Overall, 57% of Americans surveyed were concerned about cyber risk in 2015, making it one of the top three concerns, alongside financial security (66%) and identify theft (25%). Reports show that in the retail industry, as an example, once a company experiences a breach they can, on average, expect 12% of customers to stop shopping with them. A further third of customers to shop there less frequently. Aon survey earlier named cyber security among top 10 risks for businesses.
Understanding how much a potential security breach could cost can help firms manage their risk and invest appropriately in their security. Many would argue that security is already a differentiator in the market – in fact, the Financial Times had identified security as a key differentiator as early as 2011. More recently, Forrester said that privacy and data security became a key competitive differentiator by the end of 2015. These numbers are likely to rise further.
Next, as security becomes a key differentiator, it is important that businesses build up customer trust in their security. Security control must be strong and adaptive. And, in addition to having good security, customers must know about it.
Research done by the Ponemon Institute tries to put economic cost on the damage to reputation that can happen as a result of careless security practices:
· If a data breach resulted in a loss of customer data, the value of the average organization’s reputation was diminished by 21%. It took businesses an average of 12 months to recover. This damage cost the businesses an average of $332 million.
· If a data breach resulted in a loss of employee data, the value of the average organization’s reputation was diminished by 12%. It took businesses an average of 8 months to recover.
88% of consumers ranked data privacy as very important when choosing a company; more important than quality products (86%) and good customer service (82%). We see similar trends in the financial services industry. While banks are among the most trusted institutions, customers are ready to donate their most vital information to secure their accounts: close to 40% of customers are ready to donate biometric data, and 20% even said they are willing to give out DNA data, according to a study conducted in the UK. 63% said they would change their supplier, including a bank, if they experienced identity theft directly. 54% would do so, if they indirectly experienced it.
Trust in institutions is highly dependent on privacy practices. Just 45% of people are confident that their data held by businesses is secure. Of the 55% who lack confidence, these individuals could be swayed to invest in a more secure product if they could be persuaded that their data would be safer. Even among the 45% who believe their data is safe, just one data breach could be enough to erode that confidence and cause them to start looking for alternatives. The level of trust a business establishes and maintains is key for retaining users.
Consulting company Deloitte reported that 64% of consumers would switch brands if they found out their personal data had been sold to another company. 73% of consumers would consider switching brands if a data leak occurred.
The awareness about the risks is high enough that consumers themselves are changing their basic security habits: creating strong passwords (78%), limiting the information they share (76%), keeping web browsers updated (69%), keeping security software up-to-date (63%).
While the level of risk varies according to the sensitivity of the customer data, any business that holds some data is at risk:
· Reputation – Every business needs to ensure it retains and reaffirms its reputation. A data breach damages this reputation, makes the business appear incompetent and makes it less likely consumers will place their trust in the business in the future.
· Regulatory Requirements – In the EU, businesses can be fined up to 4% of their turnover for breaching the new GDPR (General Data Protection Regulation). In the US, 47 states now require businesses to report to the authorities breaches that leak personal data.
· Data Protection – not every data breach has the aim of exfiltrating information: some are for the purpose of sabotage. Explaining to consumers that you would need to collect their data again in case it is lost may have a big cost to businesses.
In addition, consumers affected by a data breach are quick to tell others about the experience. In the case of retail industries, for instance, 85% of unhappy consumers affected tell others about their experience with the company. Over 30% would use social media channels to communicate this message. Finally, 20% will make negative comments or reviews on the retailer’s website.
Creating easy to use elegant products that deliver on customer expectations is a key part of strategic decision making. Secure, but cumbersome products, that slow down and impair user experience will not help win customer loyalty and connect deeply with the customers. Leaders and managers who understand how to implement convenience as part of product strategy should have a major seat at the table.
As global investments in financial technology have more than tripled between 2008 and 2015, we already see that physical presence is no longer a competitive advantage. Customers expect quick, convenient, and interactive services, which are always available. Financial services companies continue to focus on optimization of physical presence and invest in customer experience across multiple digital channels, as well as in automation, digital innovation at scale.
Speed to market
While companies strive to deliver innovation and products to market, any industry where it is easy for customers to switch to a competitor should pay particular attention to fostering trust, security, privacy. While it is important to be among the first to deliver innovation, the loss in confidence due to poor security and privacy practices could easily precipitate a large volume of customers moving to competing businesses. Companies should strive to deliver their products to market and win customer loyalty, but do it securely.
· Invest in Security – The best way to secure your reputation and build trust is to avoid a security breach. Invest in your security and in the teams that maintain it.
· Tell Customers About It – Your customers need to know that your business is doing everything it can to keep their data safe.
· Stay Ahead of the Curve – To safeguard your business, companies should go beyond basic security and privacy controls and “tick-box” exercises.
The efforts that businesses will need to make to retain trust and customers will vary depending on the markets they are involved in and the demographics of their customers.
In the industry where we operate, privacy, security, and trust delivered in a convenient way, is not a only vision we consider. These important core values are already integrated in the strategy: protecting the digital assets; enabling the business lines to get first to market with convenient products offering security and privacy by design; innovating to stay safe and keep up with customer’s expectations, while delivering tomorrow’s solutions today; educating and raising awareness to make sure security is part of corporate DNA. Throughout this process, it is important to integrate strong intelligence-led cyber security operations, and build new solutions into security decision making, including the application of technologies, such as machine learning and AI.
Customers must be reassured that their data is in safe hands and that all efforts are being made to ensure it is used appropriately. Businesses need to remember that risks are not static, and are constantly evolving. They need to continually invest in their security, privacy, design, and be fast to deliver on customer expectations to build trust.
This article was written by Elena Kvochko from Forbes and was legally licensed through the NewsCred publisher network.