skip to main content
Close Icon

In order to deliver a personalized, responsive service and to improve the site, we remember and store information about how you use it. This is done using simple text files called cookies which sit on your computer. By continuing to use this site and access its features, you are consenting to our use of cookies. To find out more about the way Informa uses cookies please go to our Cookie Policy page.

Global Search Configuration

Ovum view


Major players across a variety of consumer-facing industries have been targets of cybersecurity attacks in recent years (e.g., Anthem, Sony, Target, Home Depot). Therefore, the security of consumer data is rapidly becoming an issue that companies have to prioritize not only in their cybersecurity/IT infrastructure agenda but also within their public relation endeavors. With increasing consumer awareness/education about the type and amount of data stored and the sheer number of privacy breaches, consumer skepticism about the perceived responsibility felt and preventative actions taken by companies is increasing.

The public court of opinion becomes increasingly expensive for organizations that do not invest in cybersecurity

By mid-2018, according to Ovum's data sovereignty survey, 77.6% and 70.5% of regulated/sensitive data will be held on cloud or mobile applications, respectively. The influx of sensitive data across enterprise operations, healthcare providers, and government operations, alongside unregulated employee access to consumer data, makes security much more difficult to achieve. Global security practices need to be improved – only 44% of Ovum survey respondents monitored user activity and had policy-based triggers and alerts in place, and only 53% classify their information assets to facilitate controls.

Many companies only factor in the legislative risk of fines when deciding against investing in cybersecurity systems/measures – over 50% of survey respondents plan to pay these fines, often discounting the associated costs to their brand image when making budgetary decisions about security. Furthermore, consumer awareness of companies who maintain data profiles for monetary pursuits is growing – a cybersecurity attack on one of these companies may be scrutinized more severely by the public, often causing irreversible brand damage.

Vulnerabilities can arise from both improper training and system issues; the average breach detection and remediation timeline is approximately 200 days. Manageable vulnerability issues and long remediation timelines will make consumers increasingly averse to the affected companies. As consumers – who are already increasingly concerned with data privacy – become more aware of these issues through increasing media and political coverage, they are more likely to view these breaches as direct, preventable violations of consumer trust rather than just minor business lapses. The total cost of a data breach over a three-year span, for example, must also count fiscal damage to more intangible assets, such as brand goodwill – adding to the long-term expense of a breach.

Even if a business adopts the best technology and usage approaches to prevent a breach through continual monitoring, comprehensive training, and investment in up-to-date technology, breaches are bound to happen. They can be caused be simple off-the-shelf malware through to well-resourced, advanced, persistent threats. The quickest way to mitigate the legislative and public-facing risks is to adopt a balanced, responsive, and transparent approach. Common steps include advising users on identity theft and the regular need to change user credentials as well as addressing industry regulation issues. While legal risks behind pre-remediation disclosures are an important consideration, many class-action lawsuits are predicated on the abuse of or harm caused by acquired data – both of which can be reasonably mitigated by fast and transparent disclosure.


Further reading

Data Privacy Legislation Impact on Enterprises, IT0018-001493 (April 2016)

Framework: Dealing with a Cyber-Security Breach, IT0022-000621 (February 2016)


Rishi Kaul, Research Analyst, Information Management

Recommended Articles

  • Service Provider Markets, Consumer & Entertainment Services,...

    MWC 2018 Highlights

    By Ronan De Renesse 27 Feb 2018

    Over 20 of our senior Ovum analysts and consultants attended this year’s Mobile World Congress in Barcelona at the end of February. In between meetings, briefings and presentations, our analyst team were blogging and tweeting about key developments, trends and rumors. Have a look through our daily MWC 2018 Highlights to find out what happened.

    Topics 5G AI IoT Cloud Payments SDN/NFV Smart home

  • Enterprise Decision Maker, Enterprise IT Strategy and Select...

    2017 Trends to Watch: Big Data

    By Tony Baer 21 Nov 2016

    The breakout use case for big data will be fast data. The Internet of Things (IoT) is increasing the urgency for enterprises to embrace real-time streaming analytics, as use cases from mobile devices and sensors become compelling to a wide range of industry sectors.

    Topics Big data and analytics IoT

  • Consumer & Entertainment Services

    US pay TV: Is it facing an existential threat?

    By Adam Thomas 28 Mar 2018

    With US pay TV having endured the worst year in its history, thoughts have inevitably turned to the future. The likelihood remains that the immediate future will remain highly uncomfortable for everyone except the scaled multinational digital platforms.


Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700

Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

+44 (0) 207 551 9047 - Operational from 09.00 - 17.00 UK time

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 7770704398 or email us at

Contact marketing -

Already an Ovum client? Login to the Knowledge Center now