If a store you visit often suffers a cyberattack, you might feel like someone went through your wallet. This kind of attack or data breach, and this kind of feeling, isn’t new. The growing frequency, cost and impact of cyberattacks are new — and consumers notice. Consumers are more aware of attacks than ever before. After all, they affect the public directly more often now, such as when attackers steal their personal information from a large company.

How do consumers perceive these attacks and the threat from future attacks? In what way does this new awareness change consumer behavior and expectations?

Enterprise Attacks Directly Affect Consumers

When attackers breach companies, consumers share the impact. The most measurable impact is in the price of goods and services.

Cyberattacks incur costs in the form of ransomware payouts, higher insurance prices, lawyer fees to remain compliant with regulations, operational disruption, the costs of getting back online and other expenses. These costs are borne by companies, but in the end, raise consumer prices.

And the costs of attacks are going up every year. The average cost of a ransomware attack, for example, was $1.85 million in 2020 — double the previous year, according to a survey from Sophos.

And the future looks grim on this count. Cybercrime costs worldwide are expected to grow by 15% per year over the next five years, reaching $10.5 trillion per year by 2025, according to a prediction by Cybersecurity Ventures. This is the increase in the cost of doing business, which will be reflected in consumer prices.

The other major impact of enterprise cyberattacks on consumers comes from when an attack breaches customer data. Many kinds of attacks leave customers open to identity theft and other kinds of fraud. When attackers sell customer data on the dark web and other criminals buy that data, they can turn an enterprise attack into hundreds of others. It can spin off into credit card fraud, identity theft and a world of social engineering scams. Cyberattacks may strike once, but identity- and personal data-related fraud is forever.

Attacks impact consumers. But what do consumers think about cyberattacks?

How Consumers Think About Cyberattacks

Public awareness about cyberattacks is high. More than three-quarters of consumers are concerned about the privacy of their data, according to a KPMG survey. This worry about the data that companies retain comes with concern about having that data stolen or compromised by a cyberattack.

Some 63% of consumers worry about their data being stolen, according to a survey by Norton. And more and more public reporting in the media on major cyberattacks and their impacts drives this concern.

The rise in cyberattacks on businesses has heightened consumer worries in the past year. Some 44% feel more at risk from cybercrime than they did before the COVID-19 pandemic began, according to the Norton survey.

That worry exists and is rising. But how does worry about cyberattacks manifest in the actions of consumers?

Changing Consumer Behavior and Attitudes

One major impact from concern over cyberattacks is that customers may mistrust brands that suffered an attack. And this mistrust drives consumers away.

A majority (59%) of consumers say they’ll avoid companies hit by a cyberattack in the past year, according to a survey by Arcserve. This means customers are likely to switch from the attacked company to its market rivals.

Consumers are seeing more and more that cyberattacks against the companies that hold their personal data put their own cybersecurity at risk. That data gives criminals the information they need to launch phishing attacks and other threats against them. This is especially acute in the financial services industry, and deeply concerning in health care.

And it’s not just business. Most American citizens are concerned about state-sponsored cyberattacks on U.S. financial institutions, national security and defense systems, energy systems, health care organizations, government agencies and their own personal information, according to a study from the Pearson Institute for the Study and Resolution of Global Conflicts at the University of Chicago and The Associated Press-NORC Center for Public Affairs Research.

What Does This Mean for the Future?

Two rising trends are coming together. First, look at the growing frequency, cost and impact of cyberattacks. Add to that the increasing awareness, concern and reaction of consumers. The one-two punch bodes ill for consumer-facing companies.

This means cybersecurity has major hidden costs they didn’t have in the past. Those are the cost of lost customers, the hesitancy of customers to give up personal and financial data and what could be major reputational damage from serious cyberattacks.

The cost of lost customers also magnifies the other costs by raising the incentive to make ransomware payments and spend more on cyber insurance, cybersecurity staff and tools, reputation management and PR and other costs. The consumer factor magnifies the impact of cyberattacks.

The good news is that there’s a flip side. Consumer concern presents an opportunity, too. You can address customers’ anxiety in advance in a few ways. First, establish very strong security and customer data protection. In addition, communicate to customers exactly why their data is safe.

It’s time to stop assuming that consumers don’t know or care about cybersecurity. They do, and they understand it. That’s why organizations need the right security posture. Combine that with clear and respectful messaging, and you get a way forward. You’ll need it in this new era of cyber threats and with growing public awareness and concern for the risks.

More from Data Protection

Vulnerability resolution enhanced by integrations

2 min read - Why speed is of the essence in today's cybersecurity landscape? How are you quickly achieving vulnerability resolution?Identifying vulnerabilities should be part of the daily process within an organization. It's an important piece of maintaining an organization’s security posture. However, the complicated nature of modern technologies — and the pace of change — often make vulnerability management a challenging task.In the past, many organizations had to support manual integration work to get different security systems to ‘talk’ to each other. As…

Cost of a data breach 2023: Geographical breakdowns

4 min read - Data breaches can occur anywhere in the world, but they are historically more common in specific countries. Typically, countries with high internet usage and digital services are more prone to data breaches. To that end, IBM’s Cost of a Data Breach Report 2023 looked at 553 organizations of various sizes across 16 countries and geographic regions, and 17 industries. In the report, the top five costs of a data breach by country or region (measured in USD millions) for 2023…

Cost of a data breach 2023: Pharmaceutical industry impacts

3 min read - Data breaches are both commonplace and costly in the medical industry.  Two industry verticals that fall under the medical umbrella — healthcare and pharmaceuticals — sit at the top of the list of the highest average cost of a data breach, according to IBM’s Cost of a Data Breach Report 2023. The health industry’s place at the top spot of most costly data breaches is probably not a surprise. With its sensitive and valuable data assets, it is one of…

Cost of a data breach 2023: Financial industry impacts

3 min read - According to the IBM Cost of a Data Breach Report 2023, the global average cost of a data breach in 2023 was $4.45 million, 15% more than in 2020. In response, 51% of organizations plan to increase cybersecurity spending this year. For the financial industry, however, global statistics don’t tell the whole story. Finance firms lose approximately $5.9 million per data breach, 28% higher than the global average. In addition, evolving regulatory concerns play a role in how financial companies…