CA Technologies Study Uncovers a Major Gap in Perception of Digital Trust Among Companies and Consumers in Asia Pacific and Japan CA Technologies today unveiled the Asia Pacific and Japan (APJ) findings of its inaugural “Global State of Digital Trust Survey and Index 2018” study. The report found that the Digital Trust Index for 2018 in the APJ region is 63 points out of 100, a score indicating consumers’ flagging confidence in the ability or desire of organizations to fully protect user data. One of the key findings from the survey is that there is a 13-point gap between the Digital Trust Index of consumers (63 percent) and the perceptions of business decision makers and cybersecurity professionals (76 percent) in APJ, signifying that business leaders overestimate consumer trust in their organizations. This perception gap can lead to complacency amongst businesses and undermine organizations’ efforts to understand the importance of consumer trust, improve their security infrastructure and enforce data protection policies. “As businesses across every sector create new online goods and services for their customers, they are consuming an increasing amount of personally identifiable user data. The degree to which consumers have placed their trust in organizations to protect their information is more critical than ever,” said Jarad Carleton, industry principal, Frost & Sullivan. “At the same time, there is an increasing distrust in APJ that businesses will be good stewards of the data they collect without strong oversight. There is a lot of work to do to earn back consumer trust, and organizations need to know how to get started.” Misplaced Confidence in Data Stewardship Capabilities Evident in APJ Organizations The study found that 89 percent of business executives and IT security professionals in APJ stated that they are very good at protecting consumer data, exhibiting a high level of self-confidence in their organization’s role as data steward. Additionally, more than nine in ten (92 percent) of the business and IT respondents believed that better data privacy is a point of differentiation for them against their competitors. However, businesses are not demonstrating that they are taking the right steps to protect consumer data. Nearly three in four (73 percent) of business executives in the region indicated that they used consumer data that includes personally identifiable information (PII) internally. What is even more alarming is that 40 percent of APJ business executives surveyed admitted to selling consumer data, including PII. At the same time, only 17 percent of cybersecurity professionals knew that their company was selling data. This significant disconnect and lack of communication on how consumer data is used within the company can severely compromise these organizations’ ability to safeguard their customers’ data from internal and external abuse. Digital Trust Deficiency Can Lead to Customer Churn and Revenue Losses The study found that 33 percent of the APJ consumers reported that they currently use, or have used in the past, services of organizations that were involved in a publicly disclosed data breach. Amongst these respondents, more than half (54 percent) have stopped using the services of an organization because of a data breach. This is a particularly concerning finding for businesses as the cyberthreat landscape is constantly evolving and attack vectors are ever-expanding. For organizations, it is not a question of if a breach will occur, but when. In APJ, 38 percent of business executives admitted that their organization has been involved in a publicly disclosed consumer data breach in the last year. And approximately three in five of these respondents indicated that the data breaches had long-term, negative impact on consumer trust (59 percent) and business results (63 percent). The study also found that despite the growth of this region’s e-commerce and digital economy, 13 percent of consumers with low digital trust still reduced their spending on online shopping and services over the last year. This is more than four times higher compared to consumers with high digital trust where only three percent have decreased their spending. These findings not only illustrate how consumer trust in online services drives usage patterns, but how the loss of digital trust can undermine business growth. In addition, the lack of digital trust can also impact the rollout and adoption of new digital services. In fact, only 22 percent of consumers with low digital trust are more receptive to use an organization’s app to access their services, compared to 46 percent of consumers with high digital trust. Furthermore, only eight percent of the consumers with low digital trust in the region are willing to provide their personal data in exchange for digital services, compared to 77 percent of the consumers with high digital trust. “Asia Pacific is home to 1.9 billion internet users, or half of the world’s digital population. As consumers are increasingly transacting online, organizations here have access to vast amounts of data, from personal information to user behavior. The responsibility to protect data has never been more vital,” said Gene Ng, vice president, Security, APJ, CA Technologies. “For our digital economy to continue to thrive, consumers need to be confident that their personal data is being collected, stored and used in a manner that benefits and protects them. That is whyunderstanding what drives digital trust is of paramount importance to business leaders.” Building a Trusted Digital Economy for APJ In order to earn back the trust of consumers, businesses need to re-examine their stance on data stewardship. This means examining their policies for using consumer data and being more transparent with their users about how the information is being used. It also means taking greater care when sharing or selling data to ensure that they uphold stringent standards of protection. Besides policies, technology also plays a fundamental role in reinforcing digital trust. Ninety percent of cybersecurity professionals in APJ highlighted that it is critical to use identity access management technology to safeguard consumer data while 87 percent stated that implementing user behavior analytics to identify suspicious activities is vital. “Companies also need to adopt a security-driven culture across their entire organization. This involves authorizing access to only those who need to use the data while deploying cybersecurity best practices, such as implementing a comprehensive identity and access management solution to protect data assets. These measures are not only essential for delivering a secure user experience and restoring consumers’ trust in the organization, they will also mitigate the risk of losing half of the company’s customer base due to a data breach,” Gene concluded. About the 2018 Global State of Digital Trust Survey and Index Conducted by analyst firm Frost & Sullivan, the inaugural report, titled “Global State of Digital Trust Survey and Index 2018,” highlights how consumers perceive and trust organizations to protect their digital data. The report surveyed a total of 990 consumers from ten countries globally, including 390 respondents from Australia, China, India and Japan. The survey also included significant data about how business leaders and cybersecurity professionals at organizations view their responsibilities of data stewardship, the licensing of consumer data to third parties and the technologies they are implementing to protect data and customer privacy.