Vercara has published its second annual Consumer Trust & Risk Report, unveiling critical insights into consumer attitudes towards data breaches and cybersecurity incidents. Notably, the survey indicates a marginal decrease in consumer trust following breaches, showing a drop from 62% in 2023 to 58% in 2024. This suggests a slight resilience among consumers when it comes to the reputational impact of security incidents.
Despite this minor change, the research highlights a significant gap in consumer awareness regarding insider threats, with many attributing breaches mainly to external bad actors. In fact, over half of the respondents—58%—express concern that brands experiencing a data breach cannot be trusted, while a substantial 70% stated they would discontinue shopping with a brand after any security incident. The findings also reveal that generational differences play a role; Generation Z shows a distinct indifference to security breaches, whereas Baby Boomers are more likely to reassess their purchasing decisions following such events.
The survey further disclosed alarming statistics concerning consumer data exposure during online shopping. Approximately 30% of participants reported having their data compromised while shopping online, leading to substantial insecurity regarding digital transactions. Respondents identified various causes for these breaches, with 36% pinpointing external hackers infiltrating company systems as the primary threat—a belief held by 67% of Generation Z participants. In addition, 33% attributed breaches to inadequate security measures within organizations.
The data also suggests that physical breaches, such as unauthorized entry into offices, are less of a perceived threat, accounting for only 8% of responses. Issues related to insider threats were even less recognized, with a mere 5% of respondents attributing potential breaches to internal personnel. This disconnect indicates a need for improved communication and education regarding the multifaceted nature of cybersecurity risks.
Compounding this challenge, the report highlights consumer habits that inadvertently increase vulnerability. An alarming 21% of respondents admitted to using identical passwords for both work and online shopping accounts, while 57% expressed comfort in utilizing their work devices for personal purchases. Such practices amplify the risks to corporate security frameworks, exposing organizations to potential breaches that could arise from even minor personal shopping activities.
In analyzing this landscape through the lens of the MITRE ATT&CK framework, several tactics may illustrate the pathways adversaries commonly exploit during such attacks. The initial access might be gained through phishing or exploiting software vulnerabilities, while persistence could involve installing backdoors to maintain access after a breach. Moreover, privilege escalation tactics could provide unauthorized users with heightened access permissions, further compromising sensitive data.
As businesses navigate these evolving consumer perceptions and behaviors related to cybersecurity, it becomes increasingly crucial to foster awareness and implement robust security measures. The Vercara report serves as a critical reminder of the ongoing risks associated with breaches and the imperative for organizations to prioritize cybersecurity both to protect their operations and to maintain consumer trust in an increasingly digital marketplace.
