Nearly Half of Businesses Admit to Selling Customer Data despite Claiming Data Protection as Paramount; Consumer Behavior Shows Strong Correlation Between Loss of Business and Lack of Digital Trust
CA Technologies (NASDAQ:CA) today revealed the results of an extensive global survey of consumers, cybersecurity professionals and business executives about their views on digital trust. Conducted by analyst firm Frost & Sullivan, the inaugural report, titled “Global State of Digital Trust Survey and Index 2018,” highlights how consumers perceive and trust organizations to protect their digital data. It also includes significant data about how business leaders and cybersecurity professionals at organizations view their responsibilities of data stewardship, the licensing of consumer data to third parties and the technologies they are implementing to protect data and customer privacy.
This report comes at a critical time, as consumers are increasingly transacting online – whether for work, leisure or play – providing organizations with access to vast amounts of data, from consumer profiles and personal information to user behavior and habits. With that increasing store of data also comes greater responsibility to protect it against abuse from external and internal sources.
Amidst a continuous stream of headlines about major data breaches in enterprise and government agencies, the degree to which consumers have placed their trust in organizations to protect their personally identifiable information (PII) online has never been more relevant. In 2017 alone, the number of confirmed data breaches globally was staggering. Against this backdrop, it is crucial for business leaders to understand worldwide public sentiment concerning the sharing of information online, and the impact of data and privacy breaches on the company’s bottom line.
“We are at a crossroads in the information age as more companies are being pulled into the spotlight for failing to protect the data they hold, so with this research, we sought to understand how consumers feel about putting data in organizations’ hands and how those organizations view their duty of care to protect that data,” said Jarad Carleton, industry principal, Cybersecurity at Frost & Sullivan. “What the survey found is that there is certainly a price to pay – whether you’re a consumer or you run a business that handles consumer data – when it comes to maintaining data privacy. Respect for consumer privacy must become an ethical pillar for any business that collects user data.”
Responses to the survey showed that the Digital Trust Index for 2018 is 61 points out of 100, a score that indicates flagging faith from consumers surveyed in the ability or desire of organizations to fully protect user data. The index was calculated based on a number of different metrics that measure key factors around the concept of digital trust, including how willing consumers are to share personal data with organizations and how well they think organizations protect that data.
Key findings from the report include:
- Nearly half (48 percent) of consumers report that they currently use, or have used in the past, services of organizations that were involved in a publicly disclosed data breach and, of those, 48 percent have stopped using the services of an organization because of a breach.
- There is a 14-point gap between the Digital Trust Index of consumers (61 percent) and the perceptions by business decision makers and cybersecurity professionals (75 percent), signifying mismatched perceptions among these audiences in a measurement of perceived consumer trust versus actual consumer trust.
- Only half of consumers surveyed (49 percent) are willing to provide their personal data in exchange for digital services.
- 90 percent of organizations claim that they are very good at protecting consumer data, showing a high level of self-confidence, despite the fact that nearly half (48 percent) of business executives admitted that their organization has been involved in a publicly disclosed consumer data breach in the last year.
- 43 percent of business executives admit to selling consumer data that includes personally identifiable information, while only 15 percent of cybersecurity professionals surveyed knew that their company was selling data containing PII.
These results point to a significant gap between how organizations view their responsibilities on data stewardship and consumer expectations around how organizations protect consumer data. In the application economy where data is king, organizations must prioritize data privacy and security or risk serious ramifications. Organizations can mitigate these risks by taking a proactive stance on security, such as narrowing their policies for sharing user data, reducing privileged user access, implementing continuous user authentication technologies, and adopting better cybersecurity and privacy controls to stop hackers.
“In today’s digital world, consumers expect security and privacy to go hand-in-hand with a great user experience. The study clearly shows that trust is fleeting if organizations don’t do their due diligence to protect consumer data from getting into the wrong hands,” said Mordecai Rosen, general manager, Security at CA Technologies. “Now, more than ever, organizations need to understand that success in the digital economy requires that they embrace a security-first mindset – a key tenet in our Modern Software Factory model. A loss of digital trust has implications on all aspects of a business and brand perception, so organizations owe it to their customers and shareholders to get it right.”
The global online survey of 990 consumers, 336 security professionals and 324 business executives across 10 countries was sponsored by CA Technologies and conducted by Frost & Sullivan in March and April 2018. The survey’s respondents assume senior business and IT positions at public and private enterprises across nine industry sectors. For full survey methodology details, see the report “Global State of Digital Trust Survey and Index 2018.”