The Digital Trust Index for 2018 in the Asia Pacific and Japan (APJ) region is 63 points out of 100, a score indicating consumers’ flagging confidence in the ability or desire of organizations to fully protect user data.
This figure comes from CA Technologies’ findings in its inaugural “Global State of Digital Trust Survey and Index 2018” study.
One of the key findings from the survey is that there is a 13-point gap between the Digital Trust Index of consumers (63%) and the perceptions of business decision makers and cybersecurity professionals (76%) in APJ, signifying that business leaders overestimate consumer trust in their organizations.
This perception gap can lead to complacency amongst businesses and undermine organizations’ efforts to understand the importance of consumer trust, improve their security infrastructure and enforce data protection policies.
Frost and Sullivan industry principal Jarad Carleton says, “As businesses across every sector create new online goods and services for their customers, they are consuming an increasing amount of personally identifiable user data.
“The degree to which consumers have placed their trust in organizations to protect their information is more critical than ever.”
“At the same time, there is an increasing distrust in APJ that businesses will be good stewards of the data they collect without strong oversight,” he says.
“There is a lot of work to do to earn back consumer trust, and organizations need to know how to get started.”
The study found that 89% of business executives and IT security professionals in APJ stated that they are very good at protecting consumer data, exhibiting a high level of self-confidence in their organization’s role as data steward.
Additionally, more than nine in ten (92%) of the business and IT respondents believed that better data privacy is a point of differentiation for them against their competitors.
However, businesses are not demonstrating that they are taking the right steps to protect consumer data.
Nearly three in four (73%) of business executives in the region indicated that they used consumer data that includes personally identifiable information (PII) internally.
What is even more alarming is that 40% of APJ business executives surveyed admitted to selling consumer data.
At the same time, only 17% of cybersecurity professionals knew that their company was selling data.
This significant disconnect and lack of communication on how consumer data is used within the company can severely compromise these organizations’ ability to safeguard their customers’ data from internal and external abuse.
The study found that 33% of the APJ consumers reported that they currently use, or have used in the past, services of organizations that were involved in a publicly disclosed data breach.
Amongst these respondents, more than half (54%) have stopped using the services of an organization because of a data breach.
This is a particularly concerning finding for businesses as the cyberthreat landscape is constantly evolving and attack vectors are ever-expanding.
For organizations, it is not a question of if a breach will occur, but when.
In APJ, 38% of business executives admitted that their organization has been involved in a publicly disclosed consumer data breach in the last year.
And approximately three in five of these respondents indicated that the data breaches had long-term, negative impact on consumer trust (59%) and business results (63%).
The study also found that despite the growth of this region’s e-commerce and digital economy, 13% of consumers with low digital trust still reduced their spending on online shopping and services over the last year.
This is more than four times higher compared to consumers with high digital trust where only three% have decreased their spending.
These findings not only illustrate how consumer trust in online services drives usage patterns, but how the loss of digital trust can undermine business growth.
In addition, the lack of digital trust can also impact the rollout and adoption of new digital services.
In fact, only 22% of consumers with low digital trust are more receptive to use an organization’s app to access their services, compared to 46% of consumers with high digital trust.
Furthermore, only eight percent of the consumers with low digital trust in the region are willing to provide their personal data in exchange for digital services, compared to 77% of the consumers with high digital trust.
In order to earn back the trust of consumers, businesses need to re-examine their stance on data stewardship.
This means examining their policies for using consumer data and being more transparent with their users about how the information is being used.
It also means taking greater care when sharing or selling data to ensure that they uphold stringent standards of protection.
Besides policies, technology also plays a fundamental role in reinforcing digital trust.
Ninety percent of cybersecurity professionals in APJ highlighted that it is critical to use identity access management technology to safeguard consumer data while 87% stated that implementing user behavior analytics to identify suspicious activities is vital.
CA Technologies APJ Security vice president Gene Ng says, “Companies also need to adopt a security-driven culture across their entire organization.
“This involves authorizing access to only those who need to use the data while deploying cybersecurity best practices, such as implementing a comprehensive identity and access management solution to protect data assets.
“These measures are not only essential for delivering a secure user experience and restoring consumers’ trust in the organization, they will also mitigate the risk of losing half of the company’s customer base due to a data breach,” Ng adds.