Data security is a waste of money, says execs whose companies suffered data breaches

Though they admitted that the breach negatively affected their bottom line, one-third of business execs from major global companies said they saw security initiatives as a negative return on investment.

What happens to companies that suffer publicly disclosed data breaches? Half their customers are likely to desert them, according to a global study done for technology company CA Technologies by analyst firm Frost and Sullivan.

The study surveyed about 1,000 consumers and 660 business and cyber security professionals from over 600 companies earning at least $100 million in annual revenue across ten countries, including the US, UK, Australia, China, India and Japan.

It found that 48 percent of consumers stopped trusting and using a company’s services because of a data breach.

In particular, Chinese consumers were the most unforgiving, with nearly 80 percent reporting that they stopped using a company’s services after hearing news of a data breach.

The research report noted that data protection scandals are now occurring on a “near-weekly” basis, with even major companies like Deloitte and Uber being affected.

Half the companies surveyed reported that they had suffered a data breach in the past, resulting in a long-term fall in revenue and consumer trust. Despite that, nearly one third of business executives said they saw security initiatives as a negative return on investment –­ a view not shared by their cybersecurity colleagues.

The report added that, “astonishingly”, most of the execs that found security initiatives a waste of money were in fact from companies that had suffered data breaches – breaches that the execs themselves previously admitted had “negative business impact”.

“Executives are tone deaf to modern security challenges and data breach implications, and have not learned from previous mistakes,” the report said.

The report also found that companies grossly overestimate their data security capabilities. While 90 percent of companies surveyed that claimed to have “good or excellent” data protection, more than half of these companies had, in fact, suffered a data breach.

In addition, companies also overestimated how much their customers trusted them to protect their data.

“It is apparent that organizations are dangerously out of touch with their customers,” the report warned, adding that this complacency could, ironically, make them easier targets for hackers.