What's Your Brand Promise? Customer Data, Cybersecurity, Compliance, And Trust

“A brand is nothing but an expression of the consumer’s loyalty and trust” - Advertising Hall-of-Famer Phil Dusenberry

Dealing with data breaches is normal for big brands in the retail realm. You only need to scan the headlines to see the latest examples of how large omnichannel retailers and other organizations have had their confidential customer data stolen or compromised by hackers.

These breaches can have a profound impact on shareholder value, as shown by a recent study from by cybersecurity consultant CGI and Oxford Economics that found global investors have lost nearly $52.4 billion due to cyber attacks in recent years. that same study revealed that there is “a significant connection between a severe cyber breach and a company’s share price performance.”

Being hacked typically leads to an average share price decline of 1.8 percent on a permanent basis, and the drop can be much steeper depending on the circumstances. For example, Target’s profit dropped 46 percent resulting in earnings of 81 cents per share as a result of its major breach in 2013. Though company share price tends to recover after a hack, it also tends to rise much slowly thereafter - in general, companies that have been hacked underperform by 42 percent over three years.

Europol Director Rob Wainwright warns that there’s a “growing sophistication in the cybercrime community.” The cyber threat remains persistent despite increased awareness of cybersecurity risks among retail decision-makers. Thus, retailers will continue to face an increased risk of exposure to hackers as they utilize cloud technologies and social media to collect information about their customers.

No matter what means or motivation hackers possess to steal your data, one thing is for certain: The onus is on businesses to be good data custodians and protect their customers’ privacy throughout the customer journey, or face serious consequences in the marketplace and beyond for both themselves and their shareholders.

The risks and rewards of customer data

Retailers walk a fine line while collecting and utilizing consumer analytics. When used and managed effectively, this data can be monetized to increase retailers’ profits and share prices through a deeper understanding of their customers’ wants and needs. For example, according to a recent survey of 70 chief marketing officers in retail, 30 percent use it to gain insights into customer attitudes, 44 percent use it to customize consumer experiences, and 60 percent say data helps them improve customer loyalty. Thus, loyalty programs are a great strategy because they provide quid pro quo incentives for customers to share their data in exchange for greater brand value.

However, for retailers to become both data-centric and consumer-centric, they need to focus on helping customers make smart buying decisions while also respecting and protecting their privacy. This is especially true in light of the fact that retailers’ digital transformation investments are expected to triple by 2019, and more than one-fifth of global retailers already have business applications in the cloud.

Despite the fact that retailers are increasingly embracing data and cloud technology, a recent survey showed that nearly 70 percent of employees exhibited behaviors that put their retail organization at risk of being hacked. This is bad news because the consequences of even a single rift in enterprise cybersecurity infrastructure can be dire. Here are some of the ways that your company can be negatively impacted by a breach, all of which will most likely result in lower share prices in the short term and perhaps even in the long term:

Brand loyalty – Getting hacked isn’t a good look for your brand because privacy and trust are values that are increasingly important to consumers. In fact, 84 percent of shoppers indicated that they’d change their shopping habits if their favorite store was hacked. It’s no surprise then that many top consumer brands such as Apple, Inc. AAPL, Netflix, Inc. NFLX and Amazon.com, Inc. AMZN rank high in customer loyalty. Clearly, loyalty and trust matter to consumers, so they should matter to retailers as well.

Failure to protect your customers’ privacy can result in customer churn, disloyalty, and increasingly negative perceptions of your brand in the marketplace. Conversely, companies that are digitally trustworthy will generate 20 percent more profit by 2020 than those that are not.

Regulatory compliance  

The General Data Protection Regulation (GDPR) means retailers face stiff penalties if their customer data is misused, lost or stolen. These penalties can be severe enough to significantly impact a company’s bottom line and thus affect its investors’ outlook as well. The GDPR applies to any company that stores or processes European citizen data, and serves as the gold standard for similar legislation that’s anticipated around the globe in coming years.

No matter what, GDPR compliance isn’t just a good idea, it’s the law. Fortunately, many retailers might already have a footprint for GDPR-compliance if they currently adhere to the PCI Data Security Standard for data protection in payment processing.

The creep factor

Consumers increasingly demand that retailers anticipate and address their wants and needs with personalized marketing communications. However, hackers who steal and sell consumer data through third parties are making it easier for spammers to send your customers unwanted solicitations. Imagine giving your phone number to someone you know and then having a stranger call to ask you out instead. Creepy.

How to defend your customer data and use it appropriately to protect your brand

The rewards from utilizing customer data need to be balanced with the risk of data breaches. Thankfully, there are several ways omnichannel retailers can protect their customers’ data to make it actionable and ultimately profitable.

Specifically, tokenization is a process that allows you to pseudonymize your consumer data so that it can’t be attributed to a specific individual. This way, you’re protecting your customers’ privacy while also ensuring data can be monetized by your organization. In fact, the PCI Security Standards Council states that tokenization reduces risk, increases security and “will lead to simpler compliance efforts.”

Leading data security firms like Protegrity can help you in your efforts to tokenize sensitive customer data. Their CEO, Suni Munshani, says, “The reality of our endlessly-connected, always-online lives is that as digital citizens we have no choice but to trust the brands we engage with on a daily basis via mobile apps, websites and connected devices. Corporations collecting customer data must have a heightened sense of responsibility for it, not just from a brand equity perspective should it be leaked, misused or abused, but also from a sense of social responsibility.”

In addition, maintaining a data-centric culture that prioritizes data privacy and security will help ensure that your employees don’t fall prey to social engineering or otherwise expose customer data to unnecessary risk. The adage “loose lips sink ships” applies here, as one small mistake such as a mishandled flash drive can cause big problems for even the largest enterprises. Likewise, using a data protection platform will allow your company to collect, store, and use data while seamlessly enforcing data policies firm-wide.

Ultimately, the responsibility for protecting and managing customer data lies solely with the companies that collect it. Karma or the law might eventually catch up with hackers, but your organization will suffer if you allow your customer data to be compromised in the meantime. It’s all about trust.