Available at: https://www.shredit.com/en-us/data-protection/home?returnurl=%2fen-us%2fresource-center&page=1

Key report takeaways:

  • 35% of American’s state they would lose trust in an organization following a breach
  • 25% of consumers state that they would take their business elsewhere following a breach
  • Only a third of consumers believe all breaches are disclosed
  • 55% of c-suite respondents support the statement that breaches are not a big deal and are blown out of proportion vs
  • 79% of small business owners who felt that a breach is a big deal

Commentary:

An interesting survey by Shred-it of 100 c-suite executives, 1,000 small business owners and 2,000 members of the general public about security breaches. Highlights the disconnect between perception and reality when it comes to information security threats, especially at the c-suite level. No surprise there from my perspective.  This perception in the c-suite is in part driven by the reality of what happens post-breach – customers state that they will leave companies who experience breaches, but the reality is that few do – convenience outways security in most instances. Outside of a few specialized events, I cannot recall any major company who has gone under due to a reported security breach. However, this does not mean that there are not major financial impacts due to a significant breach, nor the possibility of turnover in the c-suite as a result.

Also, the disconnect between c-suite executives and small business owners is insightful but not unexpected. All too often in a large organization, the c-suite is disconnected from the impacts of their decisions on consumers. As a result, when something goes wrong they blame the process, the technology or their staff far removed from them. On the contrary, small business owners are often intimately familiar with their customers, and as a result, when a breach occurs they are on the front line having to explain what happened and suffer the consequences of customer wrath and defection.