The concerns surrounding information security in credit cards are not limited to a particular season, but they acquire added prominence during the holiday shopping season. While retailers look to gain optimum increase in sales through their online and in-store channels, gift giving spree combined with year-end buoyancy drive consumers to buy more. Hackers too wait for this season and look to gather credit card information by breaching any defense. In addition, poor information and data security risk management in retail industry – due to the lack of sound security infrastructure and willful implementation of security measures – further softens the vulnerability that has been ever present.
According to Ponemon Institute’s 2015 Cost of Data Breach Study the average cost per stolen record in the retail industry has increased from $105 in 2014 to $165 in the current year. While the average cost for healthcare stolen data reached as high as $363, the average consolidated total cost of a data breach jumped by 23 percent since 2013, amounting to $3.8 million this year. The IBM sponsored report, which consulted representatives from 350 companies spreading across 11 countries, finds that breaches in the US and Germany continue to be the costliest, standing at $217 and $211 per compromised record, respectively.
The report identifies hackers and criminal insiders as the prime cause of data breaches with malicious attacks accounting for forty-seven percent of all breaches. Countries with costliest breaches have spent the most to resolve an attack – the US $230 and Germany $224, per record. While data breach costs vary according to the industry, the time taken in attack identification and containment significantly affects the financial cost in the breach. According to the research, the likelihood of a company witnessing a breach involving 10,000 or fewer records is larger than a massive breach involving more than 100,000 records.
On the other hand, at least two recent reports establish that consumers are likely to avoid such organizations this shopping season which have had been previously hacked. These reports reiterate the value of consumer confidence in a business entity and highlights how loss of customer loyalty due to data breach steadily increases business loss. A Vormetric report finds that US consumers would avoid their favorite retailer if it was hit by a data breach. About 85% of US consumers would shop at a new retailer if they foresee personal consequences post a breach.
On the other hand, according to a recent global survey titled “Broken Trust: `Tis the Season to Be Wary,” about 64 percent of consumers are unlikely a revisit a retailer where financial information was compromised while about 49 percent would avoid a shop where personal information was stolen. The report by Gemalto, which surveyed 5,750 consumers across seven countries, finds that six in ten people believed in increased threats during the festive season, and two in ten believed that they are likely to be a victim of a breach during the holiday season. The survey exhibits lack of consumer confidence in corporate data security policy and their implantation as only 25 percent of all respondents felt that organizations view customer data protection and security very seriously.
The number of businesses breached during 2014 holiday shopping decreased 50 percent from the previous two years, according to a IBM report. Against nearly 73 million compromised in 2013, cybercriminals breached about 61 million of records in 2014. However, it is clear that the drop in 2014 numbers has more to do with the massive numbers of 2013 Target and the Home Depot incidents, and at the same time reflect increased efficiency of hackers. Combined with evolved techniques and strategies of fraudsters, the vulnerability inherent during the shopping season and shoppers awaiting lucrative deals to use their credit and debit cards, which reached record high last year, make the year-end shopping a particularly vulnerable target.
According to California Attorney General Kamala Harris, online shoppers are estimated to spend $6 billion on Black Friday and Cyber Monday combined, with this season’s online holiday sales expected to reach a record $83 billion. The potential risk has Harris’ office offer tips on safe shopping during Black Friday, Cyber Monday, and the holiday shopping season. The safety tips for consumers range from making transactions only on secure sites to frequently reviewing bank and credit card statements to raising alarm in case of any discrepancy.
Business organizations on the other hand must make efficient arrangements to avoid risk events and use risk management to answer online privacy concerns. In a scenario where the world economy going through turbulent times due to political mistrust and ineffective cooperation to build resilience, the business community can ill afford to test the eroding consumer trust. While consumer confidence is particularly low on businesses’ ability to protect sensitive personal information having irreparable financial consequences, the onus on the business community itself to keep the consumer engaged with heightened efforts on trust building and business continuity management.