Cyber attacks are posing a growing threat to retailer revenues and reputations, with almost a quarter of shoppers prepared to abandon brands hit by data breaches, according to new research from RSM UK.
The accountancy and consulting firm’s Consumer Outlook survey found that 24 per cent of consumers would completely stop using a brand following a data breach, underlining the financial risks retailers face as cyber attacks become more sophisticated.
The findings follow a series of high-profile attacks on major retailers last year, including Marks & Spencer, Jaguar Land Rover, Co-op and Harrods. RSM noted that M&S alone is estimated to have lost £136 million as a result of a cyber incident.
Despite concerns around cybersecurity, the survey of 2,000 consumers also highlighted shoppers’ willingness to share personal data in return for tailored offers and recommendations. Nearly two-thirds (65 per cent) said they were comfortable providing brands with their personal details to receive personalised benefits.
Sheila Pancholi, partner and head of technology risk assurance at RSM UK, said retailers could not afford to become complacent.
“Our findings are a stark reminder of just how damaging a cyber attack can be for a business,” she said. “Losing almost a quarter of their customer base could amount to a significant loss in revenue, so retailers mustn’t get complacent.”
Pancholi added that recent incidents demonstrated that retailers of all sizes remain vulnerable to attacks, particularly as cyber criminals become more advanced through the use of artificial intelligence.
“It’s no longer a case of ‘if’, but ‘when’, retailers may fall victim to an attack,” she said.
She also stressed that retailers needed to focus not only on prevention but also on how they respond to incidents.
“While having robust cyber controls in place to prevent an attack is imperative, this is no longer enough,” Pancholi said. “A brand’s ability to effectively contain, respond to and communicate an attack to its customer base is equally as important.”
RSM highlighted M&S as an example of a retailer that maintained customer trust through regular and transparent communication during an incident.
Jacqui Baker, partner and head of consumer markets at RSM UK, said retailers should take advantage of consumers’ willingness to share data by strengthening loyalty schemes and customer engagement strategies.
“Loyalty schemes are a great way to obtain rich data, and they’re increasingly becoming a ‘must have’ to remain competitive,” she said.
However, Baker warned that loyalty programmes can also increase retailers’ exposure to cyber threats if sensitive customer data is not properly protected.
“So before venturing into the space, it’s imperative the business has embedded strong cyber controls, as well as a comprehensive incident response plan,” she added.