Educating customers about cyber security threats

Educating customers about cyber security threats can drive engagement

In the fight against cybercrime, experts often consider consumers to be the Achilles heel of a security system. While it’s true that almost half of consumers act in a way that puts them at a higher risk of financial fraud, the root cause can often be due to not knowing what actually constitutes risky cyber behaviour in the first place.

“Worldwide spending on information security products and services” has been rapidly increasing, reaching $81.6 billion in 2016 and is expected to more than double by 2020. However, while corporate security is obviously a key weapon to combat cybercrime, it will never be fully efficient unless more is done to educate customers.

Companies can doubly benefit from considering their customers as partners in this fight. Enlisting them can help to diminish the number of incidences of cyber fraud and can also multiply the number of interactions between provider and customer. This, to cxLoyalty’s latest research, presented in The Connected Customer, can lead to increased engagement and loyalty.

Consumers still exhibiting poor cyber safety behaviour despite warnings
According to Get Safe Online, 25% of people in the UK have “a limited understanding of the risks they face when going online.”

Almost 60% of people in the UK say they don’t know how to manage and update their privacy settings on social media.

This might explain why a significant number of them still don’t take basic precautions, with 43% saying “they use the same password for multiple online accounts” and nearly a third admitting they never back up their documents and photos.

Padlock chain

This has prompted many experts in the field of cyber security to label people the “weakest link in the security chain.” In this context, you could expect companies to focus on developing simple tools to help customers evaluate their behaviour and learn steps they can take to protect themselves. Instead, more and more money is spent annually on sophisticated corporate cyber security systems, which have little impact on modifying customer’s behaviour.

Identifying the chink in the armour
Almost 40% of people believe there’s nothing they can do to combat cybercrime, according to a survey by Get Safe Online.

The consequences of this type of thinking can be far reaching for companies. Not only does it make securing their systems difficult but research conducted by Opinium also shows that 21% of victims of cybercrime become dissatisfied with the brand in question.

71% of consumers said they believed high-profile cyber attacks damaged an organisation’s reputation, 65% said it decreased their trust in the brand, while a further 53% stated they wouldn’t engage with the brand in future.

While many cyber crimes are not triggered by user actions, some of the most notorious are. Considered to be the most expensive virus in history, MyDoom, cost an estimated $38.5 billion. It spread thanks to people opening an email attachment unleashing a worm that sent itself to any address it could find. It also created a backdoor into the user’s computer allowing cyber criminals to control it remotely.

Social media is a treasure trove of information and opportunity for cyber attackers. Every day, more than 600,000 Facebook accounts are compromised, says Security Evangelist Andra Zaharia. Attacks can happen through the Like button or link hijacking, and phishing, which aim to collect personal information under the guise of a trusted entity.

According to Statista, “there are more than 1.6 billion social network users worldwide with more than 64% of internet users accessing social media services online” today.  Considering how intertwined companies are with their social media presence, the potential impact of the “human element” shouldn’t be underestimated.

The current approach toward predicting and defending against attacks hasn’t been very successful considering the many examples of corporate breaches every year. As long as a system is open to human interactions, and most are, companies could greatly benefit from investing more time and money into educating users instead.

Educating customers can enhance cyber security and engagement
As members of Financial Fraud Action UK (FFA UK), many organisations have already taken steps to provide their customers with information to set up safeguards against cyber attacks. The FFA UK’s Take Five initiative for example, provides impartial advice that’s easy to understand – a key component in getting consumers to buy into the war against financial fraud.

However, it’s only the first step toward cyber safety and it’s up to financial services providers, and companies in other industries, to follow up with their customers. This is where they can position their brand as a partner in the fight against cybercrime and make lasting connections in the process.

While many organisations already provide useful cyber safety information on their websites, they often take the form of a list of tips, which lack concrete solutions. Advice such as making sure to use a secure network, or investing in parental controls software is great but doesn’t consider the potential lack of know-how that might prevent customers from taking the next step.

To trigger engagement, companies need to take ownership of the content rather than simply providing links to governmental or non-profit organisations. Ideally, the process of learning about cyber safety should be an interactive, step-by-step experience that customers can easily understand and tackle on their own. Virgin’s age-specific interactive guide, Switched On Families, is a successful example, that has been called “clear, honest, practical and even fun advice that will help your family get the best from the web,” by Mumsnet.

Companies who fail to engage in this kind of support are missing a great opportunity to connect with their customers. The creation of lasting bonds with consumers comes, in part, from “the effectiveness of the brand’s ability to surround the customer through relevant products and dialogue,” found cxLoyalty’s research.

Immersion in a brand is a key stepping stone to loyalty that requires “the customer remains engaged in the relationship,” which is much more likely to happen, says the research, when “the company is able to become a part of a customer’s everyday life.”

Provide peace of mind through concrete solutions
One key tool companies could create is a risk calculator, which could serve as a portal to their cyber safety services and products. This could take the form of a branded multi-channel interactive tool that asks customers a number of questions related to cyber safety, such as: “Have you changed your password in the last six months?” The end result would be a Risk Behaviour Score accompanied by actionable steps.

For example, if a bank customer never changes their password, they could be directed to their account where they could change their password on the spot. A telco or other company offering cloud services could ask when a customer last backed up their photos and videos and redirect them to a step-by-step process to do just that.

According to cxLoyalty’s research, “the number, type and frequency of interactions a customer has with a company, the deeper that relationship becomes.” The Customer Engagement index, which measures the impact of rational and emotional factors that work together to drive engagement and loyalty, shows a significant increase (13% above average) when brands offer their customers protection solutions.

cxLoyalty’s Spectrum of additional products
cxLoyalty's Spectrum of Additional Products

The risk calculator could tap into the growing trend toward using gamification to trigger engagement. Gamification is “the practice of synthesising the best ideas from gaming, loyalty programs and behavioural economics, with the aim of driving user engagement over indifference.” Customers could receive regular invitations to take the test again to see how they’re doing. Many of them would appreciate their provider’s attention and ultimately, the process would also improve the company’s cyber security.

Such a tool would fulfil a company’s need to protect its business against cyber attacks, improve customers’ knowledge in matters of cyber safety and, ultimately, the partnership would lead to stronger bonds between client and service provider.

Enlisting customers as partners in the fight against cybercrime makes good business sense. First and foremost, it helps organisations plug the greatest hole in the cyber security fence – unknowing humans.

But it does much more than that in terms of customer engagement. Not only does it multiply quality interactions between a service provider and its customers but it also drives further engagement by empowering customers who feel grateful toward the company that gave them peace of mind.