“Honesty is the best policy” – Consumers appreciate companies’ transparency in the event of a breach

A new report from NTT Security shows that transparency and honesty are what consumers most desire in the event of a breach.

However this is not new news. This has been the general consensus for many years following the sharp rise in data breaches in recent years. People are keen to know if their data has been compromised, and people deserve to know so they can assess what they may need to do.

80 per cent of consumers demand honesty

In an event of a security breach, consumers want companies and organisations to be more open and honest. When asked how companies can regain trust, a whopping 80 per cent of respondents said they’d like companies to be transparent in their data breaches and to keep them well-informed. This is relevant now more than ever before in the light of two recent security breaches from the tech giant, Yahoo, and the U.K. mobile network provider, Three.

Data breaches that affected consumer trust

Yahoo only announced their data breach in September last year that affected over 500 million users; and then it increased again to over a billion. In reality, the breach allegedly took place two years prior to the public announcement date; so why did they wait over two years to come clean to their users? By keeping the breach concealed, they’ve arguably lost the trust of many of their customers, and lost the opportunity to mitigate any after-effects of the breach quickly.

Three’s breach is also an example of losing consumer trust. Following Three’s data breach, many of Three’s mobile customers were unhappy with the way that Three dealt with the breach. It’s understood that the mobile network provider has yet to ascertain the exact number of their customers affected. The situation was made worse when Three reportedly failed to notify all of their customers as soon as it happened. Some reports say that customers had to find out that their personal data was stolen and at risk through social media and through reading the newspaper. What Three should’ve done was quickly notify all affected customers through email and create a ‘splash message’ on their website.

The risk of not being transparent in the event of a breach

By not keeping their customers and users in the loop, companies and organisations bear the burden of losing customers. This is shown through a Thales Survey, where 84 per cent of the British public would consider using a different brand or service in the event of a breach. This is not at all surprising as customers don’t want to face the risk of having their personal information compromised again. This can come down to trust, and we as consumers expect a level of data protection afforded to us by the Data Protection Act. When companies fail to secure or protect personal data, it can throw the trust out of the window.

However, nothing can be 100 per cent bulletproof, even companies and organisations with the best cybersecurity teams can be subject to data breaches. As well as putting in prevention techniques, the importance of informing customers in the event of a data breach is just as crucial.

Not all consumers will stop doing business with a company even in the event of a data breach. This could be for a number of reasons, although I believe data breaches are more common and seen as the ‘norm’ in our daily lives. This may be a huge factor for those individuals who choose to continue business with companies and organisations even after a data breach. This is worrying that many consumers have come to ‘accept’ this fact.

Nonetheless, it shouldn’t have to be like that. Consumers shouldn’t have to accept that this is the ‘norm’.

IoT (Internet of Things) devices still vulnerable to cyber-attacks

“The NHS’ data protection obligation” – former NHS employee’s data breach shows the importance of the NHS’ duty to protect our data