Unsurprisingly, online security breaches can severely undermine the trust that a consumer places in a brand, with over 76 percent of UK consumers stating that they have a more negative opinion of a brand following a security breach.
As more and more people choose to shop online instead of on the high street, brands across all industries are having to invest more time and resources into optimising their online platforms. As well as ensuring that customers enjoy a smooth shopping experience, whatever device they're using, retailers need to make security a top priority.
Cyber-security: a top concern for consumers today
High-profile cyber-attacks over the past year mean that online security is front of mind for consumers and businesses alike. Additionally, with just a few months to go until GDPR takes effect, the way that companies use and protect the personal data of consumers has begun to enter mainstream consciousness. The knock-on effect of these two factors is that online security has become a vital brand asset and consumers are more cautious than ever of the dangers posed by security breaches, as well as the wider risks of having their information online at all. In fact, 18 percent of global consumers surveyed by Limelight Networks say that they have an “extremely negative” perception of brands that have suffered a cyber-security breach.
Awareness of these breaches has been driven not only by media coverage, but also by public awareness campaigns. For example, TV adverts in the lead-up to Christmas warned people of the checks they should make on websites before they proceed with a purchase. Retailers need to invest time and money into ensuring that their customers feel comfortable making purchases online, in the same way that they do when seeking to optimise the in-store shopping experience.
Impact of security on brand perception
Recent research has shed light on just how important security is for the success of a brand in the ecommerce era. Unsurprisingly, online security breaches can severely undermine the trust that a consumer places in a brand, with over 76 percent of UK consumers stating that they have a more negative opinion of a brand following a security breach. This makes the UK the third most suspicious nation of those surveyed globally.
This impact on perception is by no means short-lived – once the story is out of the media, security breaches continue to have a lasting impact upon consumer trust. Amongst those surveyed in the UK, only 18.6 percent said they would definitely return to make transactions on a website that had previously suffered an online security breach. Given the cost of acquiring customers (research suggests that acquiring new customers can cost a staggering seven times more than retaining existing customers!), this is not something that businesses can afford to do and could massively impact SME online retailers, especially when we consider that returning customers tend to spend nearly 70 percent more than new ones.
Perhaps unsurprisingly, older consumers were less forgiving than their younger counterparts, with nearly half of consumers over the age of 60 adamant that they would not return to purchase from a website that they knew to have suffered a security breach in the past. This could be attributed to the idea that online fraud primarily affects elderly and vulnerable consumers. That being said, it is actually more likely for younger people to suffer as a result of online fraud, given their greater online exposure and less cautious attitudes to personal information.
Nonetheless, regardless of age, almost half – according to Limelight's research a global average of 41.6 percent – would not return to a website following a breach. This highlights just how critical it is for brands to prioritise brand security in order to keep customers coming back. They need to show customers that they are doing everything possible to safeguard their information.
Building a solid defence strategy
So, what can businesses do to protect their web infrastructure and customer data? To defend web servers from malicious attacks, a Web Application Firewall (WAF) should be integrated between the Content Delivery Network (CDN) and the web application infrastructure. This means that only requests for content that have not previously been cached need to be inspected by the firewall, thus optimising overall content delivery performance. An effective WAF will identify and block cyber-attacks that aim to steal confidential information given by customers to online retailers, such as credit card numbers and personal data.
Additionally, Distributed Denial of Service (DDoS) protection should be put in place, at the CDN edge to make sure that hackers cannot overwhelm the site with malicious traffic and drive it offline. If a retailer's website goes down during busy shopping periods, like Christmas or Black Friday sales, they risk losing huge amounts of revenue, let alone suffer irreparable reputational damage. If a firm wants to make sure that performance remains optimal during a DDoS attack, mitigation should be implemented with a CDN that has scrubbing centres integrated into its network. This will eliminate the need to divert traffic to a different network when “scrubbing” (this refers to the use of a data cleansing station to identify and remove malicious traffic) is required.
High-profile cyber-attacks over the past year have thrown the spotlight on an alarming shift towards a new era of global, distributed cyber-crime. Cyber-criminals are more organised than ever before and are coordinating increasingly sophisticated attacks, releasing ransomware that can cause global havoc (as seen in the WannaCry attack). To protect their customers, retailers need to make sure that they stay ahead of hackers by developing strong, comprehensive cyber-security strategies. These should be scalable, to ensure that the website remains available and content remains protected, even when the business grows.
In summary, for brands to remain prosperous and maintain a strong, trustworthy relationship with their customers, online security must be a central tenet of their ecommerce strategy. Those brands that fall foul face consequences that extend way beyond mitigating the immediate consequences of a security breach, undermining consumer trust and turning people away from their webstore.