Even in a world that has become accustomed to cyber threats, the antics of hackers can still raise eyebrows.
In a recent incident, hackers reportedly stole a casino’s high-roller database. While hackers stealing a database is not surprising in and of itself, their tactics in this particular instance were. It turns out that these hackers were aided by a thermometer in a casino-lobby fish tank. In another incident, hackers tried to blow up a petrochemical plant in Saudi Arabia. The one thing that stopped them was a bug in their own code.
Given the amount of customer data they possess, the retail sector is one in which stories of escalating hacker sophistication and determination cause particular alarm. However, many retailers still see cybersecurity – the protection of consumer data, enterprise information, and intellectual property – in terms of mitigation costs. Many are missing a vast opportunity because cybersecurity can be a viable source of competitive advantage in the sector.
Cybersecurity and data privacy beats price for consumers
We recently surveyed 6,000 consumers across the world on this topic. We found something very interesting: consumers now see cybersecurity and data privacy as one of the three main reasons to select a retailer, beating even price (see Figure 1). In India, it even comes out on top as the number-one reason to do business with a particular retailer.
Cyber and data protection drive customer satisfaction
Many retailers are unaware that they are missing a trick when it comes to customer satisfaction or that focusing on cybersecurity and data policies can have a direct effect on customer satisfaction. We asked consumers to rate their satisfaction levels if a retailer implemented several cybersecurity and data privacy capabilities. We found that the share of satisfied customers increased from 9% to 22% when consumers knew their primary retailer had implemented these capabilities. Our research shows that consumers are particularly interested in specific capabilities – for example, encrypting stored data and offering a prompt for account passwords have the biggest effect on customer satisfaction.
Consumers will spend more if retailers step up their game
We asked consumers how much more they would spend online if a retailer took these trust-building actions:
- Assurance that their financial and personal information is safe – for example, sending periodic communications about security measures taken to protect consumer data from the latest threats
- Clear explanations about how their personal and financial information will be used
- Assurance that the retailer’s websites and apps use the most advanced security technique – for example, 256-bit Secure Sockets Layer (SSL) encryption or Transport Layer Security (TLS).
Approximately 40% of consumers would be willing to increase their online spend by 20% or more if their primary retailer gave them these trust-building assurances and competitors did not.
Despite the valuable prize on offer, retailers are not seizing it. We assessed over 200 retailers to see if their actions are in line with customer expectations. The results are not encouraging. Among other things, we found that:
- Most retailers do not focus on the cybersecurity and data privacy capabilities that can boost customer satisfaction
- Consumers want more assurances from retailers than they are getting
- Retailers appear reluctant to inform their customers of data breaches
- Few retailers inform their consumers of a breach before the media does.
We believe that this is a significant missed opportunity that raises a host of questions. What’s the business case for getting this right? What are the various consumer categories – are some more informed than the others? If so, how can a retailer identify and work with them? How can retailers leverage cybersecurity and data privacy to drive value and growth? For answers to these questions – and more details on our findings – read our latest research: “Cybersecurity – The new source of competitive advantage for retailers.”