Posted by:
admin
15 years, 11 months ago
Tim Erlin started a discussion about brand damage. However, the data he used was really about stock prices, not "brand", which is much harder to quanitify (and it's not easy to qauntify the affects of breach on stock price).
Recently, Javalin Research surveyed twelve hundred consumers randomly via phone during February on consumers' perceptions about breaches:
Although previous Javelin studies have proven that only a fraction of fraud in the U.S. is due to data breaches, 77% of consumers intend to stop shopping at merchants that suffer from data breaches. Retailers and merchants are viewed by 63% of consumers as the least secure when protecting consumer's data, compared with processors (16%), card networks like Visa or MasterCard (5%) and issuers (5%). When little is known about a data breach, half of all consumers automatically consider the merchants where they shop to be at fault. However, 85% will reward merchants who are perceived as security leaders with increased purchases.
The responses are suspect in my opinion. I find it hard to believe that 77% percent of TJX shoppers will stop shopping there. If TJX apologizes, explains how they have increased security and sends a discount coupon to affected consumers, the vast majority will return. However, not all will return.
The report also states that, absent any information about a breach, 49% of consumers will hold the merchant responsible. While this sounds like Visa promoting PCI to merchants, it also makes sense. Even if the payment processor looses my data, I didn't choose them. The merchant did.
Share on Twitter Share on FacebookRecent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)