BreachExchange mailing list archives
Data breaches have eroded consumer faith in security, Fujitsu finds
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Thu, 19 Dec 2013 00:46:50 -0700
http://news.idg.no/cw/art.cfm?id=D1C332C9-9108-BA71-A10E39B578DCF152 A decade of data breaches has left barely one in ten UK consumers with faith in the ability of large organisations to safeguard their personal data, a survey for Fujitsu has revealed. The poll of 3,000 consumers from around the country found consistently low levels of trust regardless of the sector holding the data. Things are apparently so bad that the usually disliked banks were actually rated the highest for data trust at 36 percent, ahead of supermarkets, online retailers, local and central government. Social media came bottom on 15 percent. When asked which factors had influenced their view of trust in the last year specifically, 19 percent mentioned a data breach incident they'd seen reported, 21 percent the existence of the NSA's PRISM, with around half believing they had simply become more aware of the issue. "The results of our research showed consumer tolerance for data loss is at an all-time low. With consumers battling to understand the impact on their personal information if a company is hacked, there is no room for error anymore," said Fujitsu's UK & Ireland CSO, David Robinson. "The effort required here is industrial, as companies are no longer fighting against individuals, but a sophisticated criminal industry, designed solely to access their data. We describe organisations in two groups, those who have been hacked, and those who will be, for no reason," he said. Consumers don't trust anyone it would appear but a larger question is whether any of this actually matters. Surveys consistently show that people believe their data is not secure and that they don't trust organisations to look after it and yet the same populations hand over data in ever growing quantities. Perhaps the decrease in trust is an extension of people's cynicism about all organisations or possibly mistrust is an entirely positive response to an uncertain world that psycholgically equips people to cope with disappointment. Alternatively, people do trust organisations in a pragmatic way whilst expressing some doubt about this only when questioned in polls. Interestingly, Fujitsu did uncover a widespread vagueness about precisely what data is being collected by firms with nearly 90 percent simply wishing organisations would stop storing data even when held for the benefit of consumers. Fujitsu suggests that the decline in data trust "must be countered," without really explaining whether this is likely when firms suffering breaches seem to be able to ride out data crises with nothing worse than a public rebuke and a fine from the Information Commissioner's Office (ICO). It's as if the world has become simultaneously shocked by data insecurity but also indifferent to the possibility of stopping it. The firm ends by suggesting that organisations able to raise trust might benefit from such an investment but is that so? Securing data won't make any difference to the views of consumers as long as they feel insecure.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security offers security intelligence, risk management services and customized security solutions. The YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Current thread:
- Data breaches have eroded consumer faith in security, Fujitsu finds Audrey McNeil (Dec 19)