A new study by strategic insights consultancy Nature has revealed widespread concern and loss of confidence in companies handling personal data, with two in three Australians not confident in the ability of large companies to keep their personal data safe.
The study follows the recent cyber-attacks on Optus and Medibank, with 63 per cent of Australians who are aware of the attacks saying they are re-thinking which companies absolutely need their data, and which can do without it.
The loss of confidence is leading to action, with 46 per cent of those aware of the attacks saying they intend to change how they interact with their service providers until they demonstrate better data security handling, and nearly a third believing it is now reasonable to pay for extra privacy protection online.
Nature founder and managing partner, Chris Crook, said: “The Optus and Medibank cyber-attacks have made headlines recently, but data security concerns have long been growing. Breaches are becoming more sophisticated and more costly to contain, and the reputational impact on companies can be significant.
“A key aspect of our study was to understand how Australian organisations could rebuild lost trust that many Australian consumers are clearly feeling.
“Security checks are seen as a hygiene factor, but the results show that more needs to be done to improve the confidence of the 56 per cent of Australians who want more than just routine checks,” he said.
The study shows Australians think companies need to be doing more in terms of security when it comes to personal data.
Sixty-four per cent of Australians say they understand why companies have to ask personal questions for identification yet 56 per cent of people agree that when a company doesn’t do a lot of security checks it stands out as not being good enough. More than nine in 10 Australians prefer extra layers of security like passcodes and two-factor authentication.
Nature associate director, Sophie Wallis (lead image), said: “Data breaches in Australia are costly and hard to contain. The average data breach in Australia costs $4.6 million and takes an average of 277 days to contain, so there is a huge risk to businesses and consumers alike.
“The sentiment around the country is that people understand it could very well happen to them, so they are starting to take action to ensure their personal data is either not given out, or only given out to companies they believe they can trust.
“Companies are now faced with distinct opportunities to win that consumer trust, including making people feel confident that their data is safe through clear communication, minimising data collection and retention, improving security systems and processes, and adding more security checks,” she said.
“When it comes down to it, Australians just want peace of mind that their data is being securely managed.”
The research was conducted in November 2022 and covered 1000 people across Australia. The sample size was representative of the national population.