Study confirms that trust following a security breach is best retained when organizations are up front
- Published: Thursday, 10 November 2022 09:34
Organizations that suffer security breaches in which customer information is put at risk are far more likely to retain consumer trust if they are swift in communicating the incident and are proactive in setting out a solution, according to new research from Durham University Business School.
The study, co-authored by Dr Spyros Angelopoulos, alongside Robert Davison from City University of Hong Kong as well as Noury Janse, Carol Ou, and Xiaowei Zhang from Tilburg University, sought to better understand the actions that organizations typically take in the event of security breaches, and the subsequent reactions of consumers.
By doing so, the researchers hoped to guide organizations in choosing response strategies that could enable them to maintain consumers’ trust as well as their standing in the market.
To capture authentic consumer appraisals on how security breach incidents have been handled previously, the researchers conducted experiments and developed a conceptual model reflecting the most common forms of security breach within e-commerce, along with the typical response strategies of affected organizations.
Their investigation revealed that the key factors for retaining consumer trust following a security breach are; the perceived risk, the severity of the breach, and the response efficacy of the affected organization.
However, the researchers found that consumers’ reactions varied depending on the type of data that was placed at risk. For example, financial risks and privacy risks were found to be the most influential factors in determining consumers’ intentions to return their custom to an affected organisation following a breach.
The chosen response strategy of the affected organizations, proved to be the most vital element in retaining consumer trust. Whilst it could be presumed that announcing a security breach would alarm consumers, the researchers found that by adopting a more proactive response organizations can decrease consumer worries and positively boost the organization’s reputation.
Far from hiding or down playing such incidents, the research shows that transparency and proactivity are powerful tools for retaining confidence. Other factors which were revealed to build consumers’ reassurance included historical evidence of other similarly well-handled incidents.
The study ‘Security breaches and organisation response strategy: Exploring consumers’ threat and coping appraisals’ has recently been published in the International Journal of Information Management.