Advertisement

Report: U.S. retailers aren’t investing in cybersecurity even as breaches persist

U.S.-based retail stores are especially susceptible to damages caused by hackers. When these stores get hit by a data breach it could cost them, on average, roughly 19 percent of their customer base, according to a new, 448-person survey​ conducted by global audit, tax and advisory firm KPMG.
Target
(Mike Mozart/Flickr)

 

As high-profile hacks like Target, Home Depot and Eddie Bauer show, U.S.-based retail stores are especially susceptible to damages caused by hackers. A new survey out Tuesday shows how much that damage usually amounts to.

A data breach costs retail outlets, on average, roughly 19 percent of their customer base, according to a survey conducted by global audit, tax and advisory firm KPMG.

Nearly one-fifth of respondents told KPMG they would avoid a retailer that was the target of a successful cyber attack, regardless of how the company remediated damages caused by hackers.

Advertisement

Another 33 percent of people surveyed said they would wholly abandon an affected business for about three months, due to immediate fears concerning the exposure of personal and financial information typically stored by the retailer. Interestingly, these same customers also said they are least likely to return to a hacked store when its leadership fail to publicize a solid plan to prevent future cyber attacks.

“Make no mistake, there is a lot at stake here for retailers. Consumers are clearly demanding that their information be protected and they’re going to let their wallets do the talking,” Mark Larson, a KPMG executive who analyzes global retail market activity, said in a statement.

The typical American consumer has become more aware of cyber attacks, KPMG notes, as several high profile data breaches have recently occurred.

Though the survey’s findings may be considered worrisome for many retailers, 55 percent of sitting, senior cybersecurity executives serving the sector — separately surveyed by KPMG — said they had not invested in cybersecurity over the last 12 months.

“Quite frankly, many retailers are not doing enough to protect their businesses from cyber attacks or react to them when they occur, and the effects of their inaction will end up harming them in the long run,” said KPMG Principal and Retail Cybersecurity Leader Tony Buffomante in a statement.

Chris Bing

Written by Chris Bing

Christopher J. Bing is a cybersecurity reporter for CyberScoop. He has written about security, technology and policy for the American City Business Journals, DC Inno, International Policy Digest and The Daily Caller. Chris became interested in journalism as a result of growing up in Venezuela and watching the country shift from a democracy to a dictatorship between 1991 and 2009. Chris is an alumnus of St. Marys College of Maryland, a small liberal arts school based in Southern Maryland. He's a fan of Premier League football, authentic Laotian food and his dog, Sam.

Latest Podcasts