InsightaaS: 'Tis the holiday season, and all through the net, except for security, the blogs are all quiet. Okay, that's a weak rhyme and weaker takeoff on a classic line, but it's true nonetheless: while email is slow and bloggers appear to be enjoying downtime, the security chatter is getting louder. As was noted in yesterday's ATN post, much of this is due to the prominence of the Sony breach, but it's also true that concern over security and privacy extends well beyond the continued IT security misadventures of Sony.
Today's post highlights new research from Deloitte, which was published on the excellent Deloitte University Press site. It draws extensively on data from two surveys - of 70 senior managers from the US consumer products industry, and of 2,001 adult consumers in the US - to produce a fact-based perspective on the need for and opportunities associated with strong security and privacy practices.
The authors centre the piece on the observation that "strong data privacy and security practices are not just about risk mitigation, but also a potential source of competitive advantage," observing that "our survey suggests that the field is wide open for consumer product companies to build a reputation for strong data privacy and security practices." In my opinion, these statements are not as neatly linked as their proximity in the post suggests, but it is at least encouraging to see security positioned as a source of upside (as was the case in the InsightaaS whitepaper "Success and Profitability: Security and the value of IT/business solutions") rather than only as a source of exposure requiring oft-grudging focus and investment.
The next section of the post enumerates some of the challenges facing firms that elect to pursue security and privacy as a source of differentiation. The research found that consumers generally don't want suppliers to have access to their personal information, and that they don't trust consumer products to adequately protect this information; interestingly, executives from the companies themselves believe that their approaches are adequate, demonstrating (according to the authors) that they are not "fully aware" of how their customers view their information security practices. The research illustrates similar gaps in the perceived value of sharing personal information in exchange for personalized recommendations or customized offers - which suggests in turn that Big Data-driven marketing programs may prompt a range of responses that includes consumer suspicion/mistrust.
The final section of the post covers "five considerations for stronger data privacy and security practices." These recommendations may not be immediately applicable in all contexts - but they are worthy of review by any firm that is trying to expand its online, trust-dependent relationships with customers.
Data privacy and security is about much more than keeping hackers at bay. It is also about assuring consumers that the trust they place in a consumer product brand is warranted. The results of a recent survey of consumers and executives show that consumers have a keen sense of awareness of the risks surrounding data security and privacy, and that many consumer product executives are likely overestimating the extent to which they are meeting consumer expectations related to data privacy and security. On the other hand, many consumer product executives may be underestimating the opportunity for competitive advantage associated with meeting consumer expectations regarding data privacy and security. Furthermore, many consumer product companies do not seem positioned to gain consumer trust based on their current data privacy and security strategies, policies, and systems (figure 1). The field appears wide open for consumer product companies to differentiate themselves through a reputation for strong data privacy and security practices. Consumer product executives should consider viewing data privacy and security not just as a risk management issue, but as a potential source of competitive advantage that may be a central component of brand-building and corporate reputation.
Nearly everyone who works in the consumer products industry knows that negative brand experiences can quickly negate years of brand-building, a hard-gained positive reputation, and—perhaps most importantly—the trust a consumer places in a brand. Consider the impact on consumer trust, then, when a company announces that it has experienced a data breach. In this age of big data and digital marketing, in which consumer product companies and retailers are building detailed profiles of individual consumers based on a plethora of data sources, even a single data breach can substantially damage consumer trust. Indeed, 59 percent of consumers state that the knowledge of a data breach at a company would negatively impact their likelihood of buying from that company. Only 51 percent of consumers, moreover, say they would be “forgiving” of a consumer product company that experienced a breach as long as the company quickly addressed the issue...