Consumers are wary of the increased frequency of cyber-attacks against retailers, and many are ready to walk away from their favorite retailers if a breach occurs. In fact, according to the 2016 KPMG Consumer Loss Barometer, in surveying 448 consumers, KPMG found that 19% said they would stop shopping at a retailer that had been a victim of a cybersecurity hack, even if the company took the necessary steps to remediate the issue.
In addition to those who would abandon the retailer entirely, 33% of the consumers indicated that fears of further exposure of their personal information would prevent them from shopping at a breached retailer for at least three months. When asked which factors most likely contribute to a customer not returning – or delaying a return – to the store, consumers surveyed cited a lack of a solid plan to prevent further attacks as a top factor.
In conjunction with the consumer survey, KPMG conducted a survey of 100 retail senior cybersecurity executives distributed evenly between chief information officer (CIO – 25%), chief information security officer (25%), chief security officer (25%), and chief technology officer (CTO – 25%). Despite consumer concerns, the survey suggests that the issue is not as top of mind with retail executives as it should be. Fifty-five percent say that they haven't invested capital funds in cybersecurity protection in the past 12 months – placing the industry third out of the four industries featured in the report. Additionally, 42% state that their company does not have a leader who is responsible for information security – again placing the industry third out of the four industries in the report.
Money quote from Mark Larson, KPMG's National Line of Business Leader for Consumer Markets and Global and U.S. Sector Leader for Retail:
"Make no mistake, there is a lot at stake here for retailers. Consumers are clearly demanding that their information be protected and they're going to let their wallets do the talking. Retailers that don't make cyber security a strategic imperative are taking a big gamble."
Other key findings suggest that cyber security breaches have already damaged consumer perceptions about the security of their personal information in ways that could hamper retailers' ability to deliver personalisation by leveraging shopper data. To wit:
- More than half (52%) of the consumers surveyed say they are not comfortable with shopper personalisation, citing a desire to not have personal shopping habits and information be collected.
- 40% of consumers would not feel comfortable using a mobile pay app that had recently been hacked.
You can view the full 2016 Consumer Loss Barometer report here.