The recent data breaches against Panera Bread, Delta Airlines and Sears, and Saks and Lord & Taylor highlight a lot: the need for improved web application and Internet security processes, better accountability, and enhanced crisis management. But perhaps more than anything, it highlights why cyber-security is critical to securing the loyalty of your organization’s most valued customers.
In today’s digitally-driven, customer-centric world where consumers own the relationship, businesses invest large sums of political and financial capital into customer centricity, and loyalty programs are at the forefront of these efforts.
And while executives are quick to focus on the end-game benefits of a loyal-centric strategy…like more satisfied customers, increased loyalty, a lower cost to serve and more engaged employees…the road to a failed loyalty program (and/or PR black eye) is often paved with missed opportunities and what-ifs. Chief among them, making security front and center from the get-go.
Typically, loyalty programs aren’t treated as digital jewels to be protected until AFTER there’s a security breach. Lost data equals lost loyalty. When a customer loyalty program is designed with security as an afterthought, organizations run the risk of exposing high-value digital assets and data. Resulting breaches devalue and compromise a loyalty program, resulting in lost time, money and customer faith.
Moreover, any resulting loss in customer faith opens the door to competitors to hijack your organization’s customers at a time when your brand is vulnerable. Like vultures circling a wounded animal, compromised customer data, and the resulting fallout, is just as valuable to competitors as it is to the hackers that executed the cyber-attack.
Research underscores this. According to KPMG’s Consumer Loss Barometer, 19% of consumers surveyed would stop shopping at a retailer that has been the victim of a hack and 33% would stop shopping at the retailer for at least three months. The largest barrier to returning to a breached merchant is “lack of a solid plan to prevent further attacks,” according to the report.
Data That is Spread Far and Wide
In the past 12-18 months, customer data breaches have largely been fueled by the transition to the cloud. In the case of Sears, payment information belonging to thousands of customers was compromised via a 3rd party, cloud-based chat service. As cybercrime expert Brian Krebs said in a tweet about the breach: “In general I’d say these online chat features are a major cybersecurity liability for most corporations, esp. for threat from social engineering.”
Krebs’ point underscores the fact that transitioning to the cloud is a double-edged sword. The benefits are clear: increased speed, improved agility, improved services and more cost savings. The downside? A heterogeneous collection of cloud computing environments, each with different security policies and requirements. Gaps between these clouds create security risks. These gaps are the vulnerabilities that cyber assailants and their shapeshifting attacks seek to exploit.
The result? A tarnished user experience for today’s digital consumer. A damaged brand. Lost revenue.
What’s Yours Is Mine
With organizations dispersing consumer data across multiple environments, the security of a 3rd party provider becomes your organization’s security. Their gaps become your gaps. Driven by the need to satisfy consumer expectations and outclass the competition, businesses are doubling-down on loyalty programs. As a result, business management often ratchet ups the pressure to implement new mobile services, provide seamless integration or deploy new applications quickly. Security is often viewed as an anchor that slows the rollout of these services, yet security is the very cornerstone to securing the user experience, and thus loyalty, for today’s digital consumer.
The key to overcoming this shortsighted, after-the-fact approach is placing security front and center by bringing the security executive and C-suite together. The security of loyalty programs must transition from the domain of reactive disaster recovery and business continuity into the realm of proactive protection. If loyalty programs are designed to focus on the percentage of your organization’s most valuable customers, why wouldn’t its security fall in line with the other mission-critical assets and infrastructure responsible for servicing these very clients?
Executives at organizations both large and small should heed the data breaches of the past weeks and evaluate how secure their customer loyalty programs really are in the face of today’s surreptitious hacker…and just how valuable they are to securing the loyalty of your most valued customers.