A CA Technologies study reveals 43% of business executives admitting to selling consumer data that includes personally identifiable information
According to a CA Technologies' Global State of Digital Trust Survey and Index 2018, consumer behavior reveals strong correlation between lack of business and lack of digital trust. The study shows how consumers perceive and trust organizations to protect their digital data. It also includes significant data about how business leaders and cybersecurity professionals at organizations view their responsibilities of data stewardship, the licensing of consumer data to third parties and the technologies they are implementing to protect data and customer privacy.
As consumers are increasingly transacting online – whether for work, leisure or play – providing organizations with access to vast amounts of data, from consumer profiles and personal information to user behavior and habits. With that increasing store of data also comes greater responsibility to protect it against abuse from external and internal sources. The data abuse have been evident in the number of cases which were reported in 2017.
According to the study, the Digital Trust Index for 2018 is 61 points out of 100, a score which reflects flagging faith from consumers surveyed in the ability or desire of organizations to fully protect user data. The index was calculated based on a number of different metrics that measure key factors around the concept of digital trust, including how willing consumers are to share personal data with organizations and how well they think organizations protect that data.
The major findings from the study reveal:
- Nearly half (48%) of consumers report that they currently use, or have used in the past, services of organizations that were involved in a publicly disclosed data breach and, of those, 48% have stopped using the services of an organization because of a breach.
- There is a 14-point gap between the Digital Trust Index of consumers (61%) and the perceptions by business decision makers and cybersecurity professionals (75%), signifying mismatched perceptions among these audiences in a measurement of perceived consumer trust versus actual consumer trust.
- Only half of consumers surveyed (49%) are willing to provide their personal data in exchange for digital services.
- 90% of organizations claim that they are very good at protecting consumer data, showing a high level of self-confidence, despite the fact that nearly half (48%) of business executives admitted that their organization has been involved in a publicly disclosed consumer data breach in the last year.
- 43% of business executives admit to selling consumer data that includes personally identifiable information, while only 15% of cybersecurity professionals surveyed knew that their company was selling data containing PII.
These results indicate a significant gap between how organizations view their responsibilities on data stewardship and consumer expectations around how organizations protect consumer data. In the application economy where data is the key, organizations must prioritize data privacy and security or risk serious ramifications. Organizations can mitigate these risks by taking a proactive stance on security, such as narrowing their policies for sharing user data, reducing privileged user access, implementing continuous user authentication technologies, and adopting better cybersecurity and privacy controls to stop hackers.