Do data breaches really cost companies customers?
Adam Dodge, writing on the Security Catalyst blog (another great SBN member site), describes how data breaches have a substantial impact on companies by costing them customers. Adam points out that nothing will make a company take security more seriously than hits to the bottom line. Adam cites two recent studies to show how data breaches make customers lose faith in the breached companies and how a substantial number (30% or more) terminate their relationship.
I don't buy this for a second. In fact, I think for many kinds of breaches, it doesn't affect the bottom line or customer loyalty at all. DSW Shoes, TJX, Best Buy - none of these retailers had any lingering effect to the bottom line or their stock prices as a result of data breaches. Adam's evidence comes from two studies, both sponsored by companies that make their living in ID management and identity protection. These are hardly neutral parties.
I can understand if the data breach was at your banking institution, but when it comes to retail at least, I don't think people stop shopping there. That is not to say that they don't get upset and, on a short-term basis, bitch and moan about it. But long term, the next time DSW has shoes on sale or Best Buy is running a great deal on HD TV, consumers will be lining up to buy. Also, the fact that stock prices are not affected is not lost on the executive management of these companies.
The fact is, until there are real hits to the bottom line from these high-profile breaches, as a business plan it may be cheaper to absorb the cost of a breach than to try to lock things down and prevent them.
* The two studies Adam mentions are here:
http://www.debix.com/docs/Javelin_Research_Consumer_Survey_Data_Breach_Notification_2008.06.pdf
http://www.idexpertscorp.com/breach/ponemon-study/