Arcserve research uncovers links between ransomware, consumer purchasing behaviour, brand loyalty
The report indicates that consumers are likely to avoid conducting business with an organisation that has experienced a cyber attack. It further reveals that consumers will not tolerate ransomware-related service disruptions or security breaches and will turn to a competitor after a single failed transaction or instance of inaccessible information.
Arcserve Southern Africa has revealed the results of research conducted by Arcserve, the world’s most experienced data and ransomware protection provider. The research aimed to measure how cyber crime influences purchasing behaviour and brand loyalty.
It found that while most consumers are taking necessary security precautions to protect their online accounts, businesses may not be doing enough to protect their information – inadvertently driving sales to competitors that can.
The survey* of nearly 2 000 consumers across North America, the United Kingdom, France and Germany found that 70% believe businesses aren’t doing enough to adequately secure their personal information and assume it has been compromised without them knowing it. As consumers become more educated and cyber attacks become well-known, perceived trust becomes more influential in their purchasing decisions, with the study also finding:
- Nearly nine out of 10 consumers consider the trustworthiness of a business prior to purchasing a product or service; and
- Fifty-nine percent of consumers would likely avoid doing business with an organisation that had experienced a cyber attack in the past year.
These findings suggest businesses must manage uncharted challenges with the rise of cyber criminals now making breaches public, regardless of ransoms paid.
Cyber attacks have arguably become the largest business threat; however, the quantifiable impact on consumer behaviour has not been widely understood. The study found that one in four consumers will abandon a product or service in favour of a competitor after a single ransomware-related service disruption, failed transaction, or instance of inaccessible information. It also found that tolerance for these events quickly deteriorates, with:
- Over 66% of respondents citing they would turn to a competitor if an organisation couldn’t restore systems and applications within three days following a cyber attack; and
- Over a third of those would be willing to switch after a mere 24 hours of waiting to access their information or make a transaction.
Moreover, the potential damage doesn’t stop during or shortly after a cyber attack event. More than eight in 10 respondents admit to sharing their negative, ransomware-related experiences with family, friends or colleagues, posting about their experiences online, or e-mailing about the incidents.
While the report concludes that consumers are generally intolerant of cyber attacks, there are a few industries where businesses are under even more pressure to keep data secure and operations running. The survey found:
- Nearly half of consumers would walk away from their banking or securities provider immediately on experiencing a ransomware-related event which prohibited them from transacting or accessing information; and
- Forty-three percent would immediately seek out a competitive communications product or service.
While there are many negative ramifications caused by cyber attacks, businesses that take proactive steps and mitigate ransomware quickly will benefit in the long run. Over half of respondents would be willing to pay more for products and services they believe to be more reliable and secure in the banking and securities industries, and over 40% would pay more if they believed products and services were more secure from companies in the healthcare, insurance and retail categories.
Byron Horn-Botha, Arcserve Southern Africa Lead: Channel and Partnerships, says the trends displayed in this international survey are also relevant to the South African market. “The survey results deliver a stark cautionary message to all businesses to prioritise cyber security and disaster recovery (DR) plans or lose customer loyalty and trade. Arcserve recommends a two-pronged approach where cyber security and DR are strategically interlinked in business operations,” Horn-Botha concludes.
Arcserve Southern Africa
Arcserve Southern Africa is based in Johannesburg, South Africa and is the sole sub-Saharan Africa representative of US global corporation, Arcserve, a leading provider of data protection and recovery software. Arcserve provides a comprehensive solution for virtual and physical environments, on premise or in the cloud, backed by unsurpassed support and expertise. Arcserve’s new unified architecture, Arcserve Unified Data Protection (UDP), drives a full range of highly efficient and integrated data protection capabilities through a simple, web-based user console.
Arcserve Southern Africa territories include: South Africa; Nigeria; East Africa and the South African Development Community (SADC).
For further information: www.arcserve.com