The Risk of Jaded Consumer Attitudes Toward Cybersecurity

The financial industry has increasingly been a target for cyberattacks as banks accelerated their digital transformation initiatives to maintain operations during the pandemic. While protecting against cybercrime has always been a top priority, the complexity and volume of attacks indicate that cybersecurity will remain one of the most important tasks banks face.

Consumers are feeling the impact, too. A recent CSI survey found that 85% of Americans reported cybersecurity concerns when it came to their personal confidential data. But that figure is down from 92% of Americans expressing cybersecurity concerns in a 2019 survey from CSI. The number of respondents not concerned about cybersecurity increased 7 percentage points compared to 2019, which could indicate that many consumers are becoming desensitized to cybersecurity risks.

It’s possible the size, scope and frequency of cybersecurity attacks makes these breaches appear abstract and distant to the average American. The constant media coverage could also contribute to a broader jaded attitude toward the seriousness of cybercrime risk that some consumers now hold.

When taking these factors into consideration, it is likely that a growing percentage of bank customers have fatalistic acceptance of cybersecurity breaches. As evidenced in CSI’s survey, this acceptance has resulted in lower security standards and more lenient practices in customers’ personal lives, which could ultimately increase the likelihood of their becoming victims of cyberattacks. And broader adoption of this mindset among consumers could have further adverse effects for financial institutions, making cybersecurity education a top priority for banks.

While cyberattacks may seem inevitable, there are consequences for financial institutions and consumers alike. There’s no doubt cyberattacks can cost banks money to resolve, but there are also reputational implications that can be harder to overcome. Banks that experience a cyberattack may face lower customer retention and adoption rates due to their tarnished reputation post-breach. According to CSI’s survey, nearly half of respondents (48%) strongly or somewhat agree they would leave their institution if it suffered a breach.

Additionally, consumers who are lax with cybersecurity awareness increase the risk they’ll fall victim to cyberattacks, including, but not limited to, identity theft and stolen card information. Due to the vast amount of time and resources often needed to resolve these threats, banking customers should take precautions to protect themselves. And to mitigate this risk and prevent attacks, institutions should, in turn, provide education and promote good cyber hygiene to their customers.

According to CSI’s survey, 69% of respondents claim they know what to do if their personal information is compromised. However, additional research suggests that consumers may be overconfident in this assessment. The Norton Cyber Safety Insights Report revealed that 46% of Americans don’t know what to do if their identity gets stolen, and 40% admit they don’t know how to protect themselves from cybercrime.

This data suggests an opportunity for banks to educate their customers about how to react when they notice suspicious activity and ensure that customers can easily obtain assistance if they suspect a breach. Banks that prioritize customer education have the potential to become experts in cybersecurity advice and resolution, which could expand their market reach.

As the frequency of cyberattacks continues to increase, it is vital that bank customers recognize the signs of cyber threats and react appropriately to suspicious activity. Their awareness is an important first step in the fight against cybercrime; as evidenced in the survey, awareness among consumers on the importance of cybersecurity needs to be higher than its current level. Banks should create tailored campaigns to educate their customers and provide actionable tips and insight on how to best protect themselves from attacks.

Looking ahead, banks should also embrace a layered approach to cybersecurity to strengthen their defenses, including continued customer education that reinforces the importance of cybersecurity awareness and best practices for staying secure. Banks that provide valuable education and promote cybersecurity awareness have the opportunity to increase new business through knowledge sharing while retaining current customers by building trust and maintaining strong brand reputation.