News • 13.12.2021

New research reveals cybersecurity confidence gap

95 % of stakeholders satisfied with security, yet one third of companies experienced a data breach

A padlock in front of a laptop
Source: flyd2069 / Unsplash

Despite high confidence in their risk assessment capabilities, study finds a third of companies have been breached, and 89% have been hit multiple times.

New data released by Cornell University’s Center for Hospitality Research and FreedomPay reveals that while nearly all (96%) surveyed retail, restaurant and hospitality stakeholders are confident in their companies’ internal risk assessment processes, their satisfaction (95%) in the security of their systems is misaligned with reality, as one-third of companies (31%) have experienced a data breach in their company’s history. Of companies that have been breached, 89% have been hit more than once in a year, and 69% of retail businesses have been breached upwards of three times in a year.

Check Please! How Restaurant, Retail and Hospitality Businesses are Managing Cybersecurity Risks – a joint study between Cornell and FreedomPay – is based on a new survey of small, medium, and large-size enterprises across the hospitality, retail, and food and beverage sectors.

“Especially over the past two years, cybersecurity has been top of mind for businesses as we navigate a highly complex eCommerce network,” said Chris Kronenthal, President of FreedomPay. “Retailers and hospitality businesses increasingly view their payments systems as more than transaction processing – they are important sources of data and customer insights. Merchants and consumers alike need the assurance that this data is being protected and managed properly.”

“These findings provide a baseline understanding of how key decision-makers are handling cybersecurity issues and offer key insights for optimizing and fortifying systems as we continue down this path of accelerated digital transformation,” said Professor Linda Canina, the Dr. Michael Dang Director of the Center for Hospitality Research at the Cornell Peter and Stephanie Nolan School of Hotel Administration.

Threats are rising, complexity abounds

With new cyber threats emerging daily both internally and externally, business leaders are juggling a full slate of concerns and challenges. Threats such as payment integrity (59%) and malware (58%) are the most cited concerns, with risk management (57%) cited as the biggest challenge leaders say their systems face. Companies also fear internal threats, with hospitality companies most frequently citing human error (86%) and lack of employee education (81%) as negatively impacting cybersecurity systems.

Businesses’ best efforts to protect themselves and customers are spurring growing complexity and system proliferation. The findings revealed three-quarters (74%) of companies use more than one cybersecurity system. Medium merchants (80%) are significantly more likely than small merchants (67%) to use more than one system. More than half of companies (56%) have many cybersecurity systems in many locations. Overall, companies are split on whether systems are governed by a single department (51%) or multiple (49%). Small merchants (57%) are significantly more likely to keep governance to one department, while large merchants (63%) are significantly more likely to have multiple departments involved.

Roadblocks remain

Businesses are challenged to balance security with customer preferences, with many implementing heightened cybersecurity measures to make their customers feel more secured and reassured when making a purchase. The study found that 91% of companies believe their customers deeply care about cybersecurity while 86% believe it increases customer loyalty. Yet, companies acknowledge the inherent tradeoffs – namely, two-thirds (65%) of leaders believe that customers are annoyed by extra security measures, and they want systems to be easy to use (67%).

Budgetary concerns may also play a factor in determining any potential system enhancements – among the few (15%) that currently do not have plans to enhance their system, they are most likely to cite preventative costs (61%) and an unwillingness to have a disruption in service (52%).

Despite these roadblocks, companies have said they are increasing or have increased their IT budgets, calling out the COVID-19 pandemic and technology as driving forces. Other notable findings include:

  • In the dark: More than one-third (35%) of surveyed leaders do not know how much of their company’s budget is spent on cybersecurity.
  • Bicameral opinion: While 91% of respondents agree that their customers do care about cybersecurity, 48% also believe their customers do not care about cybersecurity.
  • Inaction: Nearly all (96%) companies say they value the importance of security systems to protect their data, and 85% agree that their customers would be more satisfied if they had extra security measures in place. Yet, half (50%) have either not increased their IT security budget or decreased their budget since 2019.
  • Show me the money: Still, companies are divided on what precautions and guidance are worth the cost. Four-fifths (83%) of companies who do use a third-party to manage and secure information say this option is “more cost-effective” for their business, while half (51%) of companies who do not use a third-party supplier cite it as being “more costly” than their current process.
  • Checking the box? Almost all merchants (91%) are very or extremely confident that their company adequately trains end-users, relying on conferences and seminars (71%) to keep them trained and engaged. Notably, small (92%) and medium (95%) merchants are significantly more confident than their large (79%) counterparts, where the most common form of end-user engagement comes from training videos (82%).
  • Looking for a leader: A majority of companies (87%) say they would welcome involvement from the U.S. government to fight cybersecurity threats as well as enhance policy (84%). Large merchants (threats-76%, policy-74%) and retail companies (threats-81%, policy-75%) are significantly less likely to want the U.S. government involved.

The full report can be downloaded here.

Source: FreedomPay

related articles:

popular articles:

Thumbnail-Photo: Christmas World
23.01.2023   #event #marketing

Christmas World

03.02.2023 - 07.02.2023 | Frankfurt, Germany

The trade fair for the busiest time of the yearChristmas World focuses on the strongest-selling and most emotional time of the year and exploits the success factor of experience at the point of sale like no other consumer-goods trade fair. This ...

Thumbnail-Photo: NRF says GDP growth is slower but consumer spending remains positive...
02.01.2023   #retail #customer analysis

NRF says GDP growth is slower but consumer spending remains positive

Gross domestic product isn’t likely to grow as much in the final months of 2022 as it did in the third quarter, but consumer spending should remain strong

The National Retail Federation has published its GDP predictions for the last quarter of 2022. The results should hardly come as a surprise to close observers. ...

Thumbnail-Photo: e-Commerce Day
20.03.2023   #online trading #e-commerce

e-Commerce Day

05.05.2023 - 05.05.2023 | Cologne, Germany

e-Commerce Day by Kaufland – The trade fair for e-commerceThe e-Commerce Day by Kaufland opens its doors once again and invites industry newcomers, professionals and interested parties to Cologne to exchange views on current trends and ...

Thumbnail-Photo: Kraft Heinz optimizes product content for 3000 SKUs to win on the...
07.12.2022   #e-commerce #digitization

Kraft Heinz optimizes product content for 3000 SKUs to win on the digital shelf

Salsify assists Kraft Heinz in delivering a consistent brand experience across every digital and physical retail channel

Salsify, the Commerce Experience Management (CommerceXM) platform empowering brand manufacturers, distributors, and retailers to win on the digital shelf, announced it is helping The Kraft Heinz Company update retailer product content in just ...

Thumbnail-Photo: Retail Supply Chain & Logistics Expo
16.02.2023   #retail #event

Retail Supply Chain & Logistics Expo

28.02.2023 - 01.03.2023 | London, United Kingdom

Customers want faster delivery times and an easier return system. In order to deliver this, retailers need to adapt their supply chain, and have a seamless warehousing and distribution system.The Retail Supply Chain & Logistics Expo provides a ...

Thumbnail-Photo: VM & Display Show
17.03.2023   #event #displays

VM & Display Show

18.04.2023 - 19.04.2023 | London, UK

The Virtual Merchandising and Display Show is the longest running exhibition for the industryWhether you are a retailer, designer, in the leisure and entertainment industry or in fact use visual merchandising to promote your products or services in ...

Thumbnail-Photo: Collect&Go opens new walk-in pick-up point
31.03.2023   #online trading #brick and mortar retail

Collect&Go opens new walk-in pick-up point

The company's second walk-in pick-up store specially for cyclists and pedestrians opened in Brussels

Colruyt Group’s online shopping service opens a new walk-in city pick-up point in Saint-Gilles today. This is the second one, after Ixelles, to be equipped to meet the needs of city dwellers who collect their shopping on foot or by bicycle. ...

Thumbnail-Photo: Companies create association for the collective management of textile...
13.02.2023   #sustainability #fashion

Companies create association for the collective management of textile waste in Spain

Spanish branches of ten companies aim to manage textile and footwear waste through a collective system of producer responsibility

Decathlon, H&M, IKEA, Inditex, Kiabi, Mango and Tendam have created the "Association for the Management of Textile Waste", with the aim of managing textile and footwear waste generated in the Spanish market through a "Collective ...

Thumbnail-Photo: Security for brand and shopping experience?
05.01.2023   #e-commerce #customer relationship management

Security for brand and shopping experience?

How retailers can protect their business from cybercriminals

There are numerous steps retailers can and should take to improve their security posture, protect their brand, and ensure a safe shopping experience for their customers during the holiday season (and beyond). Once the shopping season has begun, ...

Thumbnail-Photo: Innovative Specials at EuroShop 2023
20.01.2023   #brick and mortar retail #retail

Innovative Specials at EuroShop 2023

Interactive areas for ideas and visions in retail provide new approaches for the future of inner cities and retail as well as multi-sensorial places

The Specials of EuroShop, the World’s No. 1 Retail Trade Fair, will again provide exciting impulses for the future of retail this year. From 26 February to 2 March 2023 the eight Specials in total will invite visitors to join in, network and ...

Supplier

SALTO Systems GmbH
SALTO Systems GmbH
Schwelmer Str. 245
42389 Wuppertal
Captana GmbH
Captana GmbH
Bundesstraße 16
77955 Ettenheim
salsify
salsify
7 rue de Madrid
75008 Paris
SES-imagotag SA
SES-imagotag SA
55 place Nelson Mandela
90000 Nanterre