Companies that experience a data breach can expect to lose 20 per cent of their sales revenue forever, according to a new study.

PCI Pal PLC, a firm out of the United Kingdom specializing in secure payment solutions, surveyed 2,200 Canadian consumers. Seventy-eight per cent of those surveyed said they would stop spending money with a company that allowed mishandled their data, and 58 per cent indicated a willingness to stop spending for several months. A fifth said they would never buy from a company after it got hacked.

Whether they actually follow through on that – brand loyalty and lack of choices are sometimes factors – is not clear, said Darren Gill, the chief revenue officer for PCI. But what is clear, he added, is that people are beginning to care about how their data is being managed. He cited the backlash against Facebook as an example.

Darren Gill, the CRO of PCI Pal, said once people are directly affected by a breach, they will take action. Credit: PCI Pal

“I think it’s easy for people to say that they’re going to do that. The practical reality though is what are their options or choices? That may limit their ability to do that,” said Gill in an interview with IT World Canada. “But look at the Facebook breach, there were some percentage of people that actually canceled their Facebook accounts because they were frustrated and concerned about the risks. But I think from a consumer point of view, it all boils down to… access, choice, and brand loyalty.”

But that loyalty is increasingly being tested. According to the study, a staggering 37 per cent of respondents said they have been a victim of a hack.

“They’re going to have to experience that firsthand. I think once they do, I bet it’s those very people… that would end up terminating their business with that company,” said Gill. 

For the 15 per cent of firms in the study that said they felt absolutely safe from security breaches, Gill said they’re waiting to react to a breach instead of taking preventative measures – or simply not paying enough attention to their IT infrastructure.

Sixty-five per cent of Canadians point to retail being the least secure sector, followed closely by the travel industry
at 41 per cent. Financial and government services don’t have a great rep either – roughly 25 per cent of people rate both as the least secure.

So what can these organizations do to regain people’s trust? More than 60 per cent of Canadians want companies to undergo regular security audits. Nearly 50 per cent would want them to be federally mandated by stricter regulations that protect private data.

“As data breaches become increasingly common, Canadian consumers are realizing that their personal data is at the mercy of the organizations they shop with. As a result, attitudes toward data security are changing significantly, with a majority of consumers now reporting a company’s security practices directly influence their spending habits,” said James Barham, the chief executive officer of PCI Pal.

Share on LinkedIn Share with Google+
More Articles