Report: U.S. retailers aren’t investing in cybersecurity even as breaches persist
As high-profile hacks like Target, Home Depot and Eddie Bauer show, U.S.-based retail stores are especially susceptible to damages caused by hackers. A new survey out Tuesday shows how much that damage usually amounts to.
A data breach costs retail outlets, on average, roughly 19 percent of their customer base, according to a survey conducted by global audit, tax and advisory firm KPMG.
Nearly one-fifth of respondents told KPMG they would avoid a retailer that was the target of a successful cyber attack, regardless of how the company remediated damages caused by hackers.
Another 33 percent of people surveyed said they would wholly abandon an affected business for about three months, due to immediate fears concerning the exposure of personal and financial information typically stored by the retailer. Interestingly, these same customers also said they are least likely to return to a hacked store when its leadership fail to publicize a solid plan to prevent future cyber attacks.
“Make no mistake, there is a lot at stake here for retailers. Consumers are clearly demanding that their information be protected and they’re going to let their wallets do the talking,” Mark Larson, a KPMG executive who analyzes global retail market activity, said in a statement.
The typical American consumer has become more aware of cyber attacks, KPMG notes, as several high profile data breaches have recently occurred.
Though the survey’s findings may be considered worrisome for many retailers, 55 percent of sitting, senior cybersecurity executives serving the sector — separately surveyed by KPMG — said they had not invested in cybersecurity over the last 12 months.
“Quite frankly, many retailers are not doing enough to protect their businesses from cyber attacks or react to them when they occur, and the effects of their inaction will end up harming them in the long run,” said KPMG Principal and Retail Cybersecurity Leader Tony Buffomante in a statement.