The Reach of a Breach: Financial and Retail Institutions Suffer Long-Term Damages
That jingling noise is the sound of lost business.
How much is a loyal customer/client worth?
If you’re a retailer, that value could be anywhere from fifty to five thousand dollars per year. If you’re a bank, that value could be anywhere from five hundred to fifty thousand dollars per year. In the aftermath of recent retail security breaches, a number of concerning statistics have come to light.
These statistics provide a lot of insight into customer behavior. For those of you in charge of risk mitigation, only one thing matters, and that concern can be posed as a question.
“How much risk would you assign to the possibility of 10% of your customer base suddenly disappearing?”
What if I told you that ten percent was a low estimate for how many customers you could lose due to the long-term reach of a breach of your information systems? But hey, they are your “loyal” customers after all. Surely that means they are willing to forgive and forget, and as long as you don’t drastically change your products, policies, or prices, they will stick around... Right?
In this graph, I have compiled a few of the relevant statistics from the studies. The entire ring represents customers who were affected by a data breach. The green section, 26 percent of the whole, represents customers whose spending habits were not significantly affected by having their information leaked. The large orange section, 60 percent of the whole, represents those who have lost a significant amount of trust in the company due to the leak. They may have been loyal customers before, but that is no longer the case. Finally, the red 14 percent section in the corner represents the portion of customers who, because of the breach, actively avoid doing any business with the company that lost their data. It doesn’t matter whether these customers suffered any financial losses as a result of the breach; the potential for loss damages the relationship enough to drive them away.
At this point, assuming you work in the retail sector, you’re probably concerned about this loss and how it could affect you. If you’re specifically in charge of, or oversee, IT Security for a retail business, you probably know of the Payment Card Industry Data Security Standard (PCI DSS). What many people don’t realize, though, is that security is not a simple compliance standard or something you can achieve by following a pre-determined checklist. If your systems are breached, only your insurer and your lawyers will care that you were PCI compliant. Security, above all else, is a continuous process. This means that, while you are required to be PCI DSS compliant, you should really be improving your security above and beyond those minimum requirements. A breach could cost you hundreds of thousands of dollars, but the loss of customer trust is where it's really going to sting.
That’s where we come in. To strengthen your Retail IT Security arsenal, we recommend you take a look at AuthAnvil Password Solutions. Not only will it help you achieve and maintain your PCI Compliance, but it will also provide an ongoing and ever-improving level of security. We help you take the risk out of risk assessment. No security is absolute, but there are numerous ways an investment in AuthAnvil can mitigate the risk of suffering a breach.