3 out of 4 Consumers Will Leave your Websites Because of Security Concerns

Tuesday, September 22, 2015

Peter Zavlaris

Af2c9843333cc1e2578ddf18b3eed066

As part of the ongoing battle for eyeballs, marketing departments implement tracking technologies that encroach on customer privacy, while digital assets are cobbled together from third-party technology to accelerate time-to-market.

There are hundreds of companies providing website testing, engagement tracking, social tracking, content creation, etc. Most of them are startups that rely on Amazon Web Services (AWS) for IT, or have outsourced the creation of some, if not all, of their production code. These companies invest heavily in engineering, marketing and sales – and know little about security.

For instance, hundreds of leading online brands use a social engagement tracking service called Gigya, which suffered a breach in 2014 that gave hackers access to their DNS. Instantly, thousands of sites connecting to Gigya, including NHL.com and NBC.com, were temporarily under control of the Syrian Electronic Army (SEA).

The downstream effect of these types of breaches, which can impact tens, hundreds, or even thousands of web properties, can be devastating from both a reputational and liability standpoint if they result in monetary fraud or leaked personal information.

According to a recent Ponemon report, almost 69% of consumers have left a website because of security concerns.

In fact, two-thirds of the time, consumers blamed security when they had a poor experience on a brand’s website. Specifically, 67 percent said they lose trust in a site when pages load slowly, and 3 out of 4 worry about security when site performance is sluggish.

The bottom-line for website operators is clear, consumers measure a brand’s online presence based on the performance and safety they experience, even though third-party providers like Gigya may be the source of problems that affect consumers.

While responsibility for protecting corporate digital assets falls squarely on the shoulders of IT security teams, their control and administration falls in a grey area. Marketing generates digital assets, but is not responsible for the security behind campaigns, lead gen, tracking, etc.

The challenge for IT security is ensuring that digital assets including websites and apps, even those that use third party services, are safe for consumers to visit and download. This is a new and more difficult mission, and one that greatly impacts the bottom line of any business.

Cross Posted With Permission from RiskIQ

19719
General Breaches
Information Security
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked