How Much Does Cybersecurity Really Matter to Your Members
I’ve been intrigued by this question for a while now. While some costs related to data breaches, such as the replacement cost of compromised cards, are easy enough to quantify, the costs related to reputational damage are both much harder to quantify and potentially much more impactful to your credit union’s bottom line.
Against that backdrop, I’ve always been on the lookout for surveys gauging consumer attitudes toward cybersecurity. The latest such survey I found was recently released by the consulting firm Morrison and Foster. The most intriguing take away from its analysis is that at least once in the last year, 35% of its 900 respondents had decided not to purchase products or services because of privacy concerns. In addition, when you look at the privacy issues that most concern consumers, there is little wonder why financial institutions have a particularly acute interest in mitigating cyber theft. Half of the respondents said that identity theft was their biggest privacy concern.
When the survey broke out what consumers consider their most sensitive pieces of information, there is little wonder why financial institutions have to take cyber security particularly seriously. In both 2011 and 2015, survey respondents listed their social security number, passwords and IDs used to access accounts and services, and payment card information as their most important concerns.
Finally, consumers take the risk of identity theft much more seriously than they did four years ago. In 2015, 52% of the respondents indicated that identity theft was their primary privacy concern compared to only 24% in 2011. In contrast, only 3% of respondents listed government monitoring as their primary privacy concern, a decrease of 4% since 2011.
Does all this mean that you run the risk of losing members based on the perception of your cyber protections? Maybe not. When the same respondents were asked why they trusts companies with their personal information, 24% responded that no company is perfect. As the survey analysis explained, “some consumers have given up on the ability of companies to protect sensitive and personal information.”
Consumer ambivalence is what intrigues me so much about this issue. On the one hand, they expect and deserve a baseline commitment to protect their privacy. On the other hand, the CEO could easily bankrupt the credit union investing is cybersecurity technology. The challenge is finding the sweet spot that mitigates risk, provides consumers with the latest technology and is respectful of the bottom line.