A new report by Capgemini's Digital Transformation Institute has revealed that cybersecurity is a new source of competitive advantage for retailers. It calls for more organizations to align cybersecurity policies with customer expectations to take advantage of this opportunity. The report, "Cybersecurity: The New Source of Competitive Advantage for Retailers" demonstrates that consumers are increasingly aware of security breaches in retail and are willing to spend more with retailers who demonstrate robust cybersecurity capabilities.
The new report, which surveyed more than 6,000 consumers and 200 retail executives, found that 77% of consumers ranked cybersecurity as the third most important factor when selecting retailers, behind product availability and quality, and above traditional factors including pricing and brand reputation. Strong cybersecurity measures increase customer satisfaction by 13%; while 40% of consumers would be willing to increase their online spend by at least 20% more with retailers they trust. The report revealed that retailers who can adopt advanced cybersecurity measures could drive a 5.4% uplift in annual revenue.
However, the report identified a disconnect between the assurances consumers want and what retailers are doing. Seventy percent of consumers want to be assured that their financial and personal information is safe yet only 44% of retailers are actively informing them. Retailers are also not adequately informing their customers of data breaches. Forty percent of retailers said they experienced a data breach over the past three years (2015–2017 inclusive) and had customer financial or personal data compromised, yet only 21% of consumers say that they heard their primary retailer's name mentioned with a data breach.
Upping cybersecurity could be the driving force behind inspiring e‑commerce avoiders to begin spending their money online. According to AudienceSCAN, 28% of e‑commerce avoiders are over the age of 65 and 30.1% are retired. They're also 12% more likely than other adults to live in a rural or small town.
"Cybersecurity represents a lucrative opportunity for retailers to improve customer satisfaction and drive higher online spending," said Tim Bridges, Global Sector Lead, Consumer Products, Retail & Distribution at Capgemini. "Only retailers who are able to effectively align their cybersecurity measures with customer expectations will be able to impact top-line revenue."
Aspects of a website, like pop-ups, make e‑commerce avoiders feel uncomfortable. In fact, according to AudienceSCAN, 54.9% of these consumers avoid websites with pop-ups or other intrusive ads. Forty-nine percent also think that ads that follow them from previous websites are creepy.
The report includes a series of practical recommendations based on the findings of the survey to help retail leaders address the increasing incidents of cyberattacks, along with the growing demand from customers for greater transparency.
Priority 1 – Work to understand customers' expectations and ensure the required features are fully implemented
Priority 2 – Ensure cyber-defense systems are one step ahead of hackers
The report reveals that inclusion of new technologies, weak segregation of duties, and outdated architecture are the top three vulnerabilities that have been exploited by hackers during retail breaches in the last three years. Yet less than half of the retailers perform security audits on a daily or weekly basis. To stay ahead of hackers, the report highlights that it is important for retailers to:
- Understand the organization's vulnerabilities and reinforce them
- Identify the biggest threats and adopt best practices to detect them
- Involve top management to ensure adequate investment for the key security initiatives
- Develop a solid incident response plan to prevent customer churn
Priority 3 – Position themselves as the safe custodian of customer data
The report reveals a strong disconnect between consumers and retailers on whether explicit permission for storing and using data is taken. Nearly a third (29%) of consumers say their primary retailer does not communicate changes in data privacy to them. As the GDPR deadline looms ever closer, it is imperative that retailers devise strategies to mitigate this disconnect and assure consumers that their data is safe. Currently, only 40–60% of retailers have fully implemented certain components of the GDPR requirements.
Not surprisingly, the best ways to reach e‑commerce avoiders with a message of secure online shopping is is through TV, direct mail and newspaper ads, according to AudienceSCAN. Fifty-two percent of this consumer group gets their local news via the TV and 59% took action after seeing a TV ad last year. Print isn't far behind with 56.7% of this group having taken action after receiving ads and/or coupons in the mail and 45.8% reacting to a newspaper ad within the last year.
AudienceSCAN data is available for your applications and dashboards through the SalesFuel API. Media companies and agencies can access AudienceSCAN data through the AudienceSCAN Reports in AdMall.