One of the more challenging aspects of security has been justifying the level of investment in security technologies vs. attaining an actual
return on that investment (ROI). As a result, the conversations about the ROI of security generally fall back on the cost of providing security versus the potential risk to the business and the damage to the company’s reputation.
Up until recently, however, most security incidents were generally hushed up. It’s only with the recent enforcement of more stringent compliance regulations that we’ve begun to see more disclosure of those security infractions. And now those disclosures are starting to take a toll on the psyche of consumers.
The latest bi-annual survey of consumers conducted by Unisys finds that more than three-quarters of respondents would stop dealing with an organization entirely in the event of a security breach. The survey is conducted every six months to ascertain the attitudes of more than 1,000 U.S. residents about security. According to the survey results, an astounding 90 percent would take some sort of action in the event of a data breach, ranging from simple things such as changing their passwords (87 percent) to more drastic measures such as closing their accounts (76 percent) or taking legal action (53 percent).
What that means is that suddenly the cost of a security breach goes well beyond the value of the lost data; it has a material impact on the business as a whole and the value of the company’s brand.
But this also means security is becoming a marketable attribute, says Steve Vinsik, vice president of enterprise security at Unisys. And that's good news -- people are more conscious than ever of security issues, and security now is a factor in their decisions about which organizations they will do business with, he says.
In fact, more than half of the people surveyed said they would be willing to provide biometric data to secure their identities. Such scenarios include providing biometric data at security checkpoints at airports, when conducting financial transactions and when receiving government benefits or other services. However, only 21.3 percent said they were willing to give their biometric data to social media sites, which implies that people are starting to apply relative security weights to different sets of activities.
Something profound is starting to take place in terms of the awareness of security threats among the general public. Many security experts would argue that such awareness is long overdue. But with that awareness comes increased expectations that, if you’re organization is unable to meet, likely will result in lost revenue and definitely impact the bottom line.