As marketers love to point out, we are living in "The Age of the Customer", a time when Customer Experience (CX) has risen to the forefront of brands' survival in the digital world.
In the last few years, the rise of mobile, technology savvy customers with increasingly high expectations has changed the business landscape significantly. As well as having access to more information, today's customers are vocal and unafraid to use social media to advocate or vilify brands.
We are also in another age too - the age of cyberwarfare. In recent years, there have been a number of high-profile hacks and security breaches in the news. These include the hack of one billion Yahoo accounts in 2013, a large Sony breach in 2014, a hack of 80,000 million U.S citizens' healthcare records in 2015 to name a few.
These attacks are not even the tip of the iceberg. In 2016, ransomware became the official favourite for cybercriminals with Kaspersky noting that attacks tripled between January and the end of September. It is now estimated that every 40 seconds, somewhere, a company is under attack, and an individual every 10. We're only in July, and so far this year we have already seen the spread of two massive global ransomware attacks (WannaCry and Petya).
Two common misconceptions about cybercriminals are that they only target large companies and are more focused on big economies like those of Europe or North America. But being a small business or located in Australia will not make you immune from cyberattacks. On Tuesday, experts at a security event in Sydney concluded that Australian businesses of all sizes need to prepare themselves for the next inevitable wave of attacks.
You might also be interested in the Press Release. Australian businesses 'worryingly underprepared' for rising ransomware threat: experts
"Business owners are understandably focused on the day-to-day challenges of running their business," said David Cohen, Founder and Managing Director of SystemNet. "But unfortunately this means they are not paying sufficient attention to cybersecurity."
"Every business needs to have a clear strategy in place when it comes to cyber security, and formation of that strategy has to start at board level," said Monica Schlesinger, Principal of Advisory Boards Group International. "The strategy must take into account the evolving threat environment and clearly outline the steps that will be taken to minimise the risk of attack.
The fact that we are simultaneously living in the Age of the Customer and The Age of Cyberwarfare means that companies must find an adequate balance between CX and security. Walking this tightrope is no easy feat: tighten security too much, and you risk deterring customers by adding friction; loosen it too much, and you risk endangering their data and losing them forever or even litigation.
With all the news of cyberattacks, security is starting to occupy a prominent position in the minds of consumers, but the very security they crave is being undermined by several trends.
The first is the movement to cloud-based platforms. While the cloud may offer us convenience, there are huge risks associated with storing your data online with a few select companies. Some celebrities learned this in 2014 when the breach of Apple iCloud accounts led to a leak of almost 500 of their intimate pictures. The second is the use of mobile devices to make purchases. Mobile gives cybercriminals an additional opportunity to attack, especially over public Wi-Fi networks. The third is the use of email and social media which are prone to security vulnerabilities and provide a great avenue for spreading attacks. All three of these trends (the cloud, mobile, social) are convenient and can be used to improve CX, but they introduce significant security risks too.
With security and CX seemingly at odds with each other but equally important, comes a question – what can we do about it?
This brings us to the third age we are also living in – The Age of Personalisation – and a possible solution to the security/CX dilemma.
Check out our recent webinar: The Age of Ultra-Personalisation
The problem with the common approach to security is to take a one size fits all approach – giving the same security options and measures to all customers. However, it doesn't have to be this way. Since we are personalising everything else, why not personalise security too? Perhaps Baby Boomer customers and Millennials have different thoughts on how they'd like their passwords managed. For example, while a Baby Boomer might be happy with basic two-step verification, a Millennial may demand to use biometric identification such as a fingerprint scanner. Why should these very different customers be treated the same?
Last August, research by global management consulting firm McKinsey & Company found that higher security burdens resulted in customers remembering an average of 14 passwords and partaking in complicated authentication experiences. You would think that after all that, people would be satisfied with security but other studies show that consumer trust in digital security and privacy are declining. McKinsey & Company identified that companies should explore separating their customers into three categories to provide the best authentication experience.
The first category accounts for roughly 30% of the population and describes those who prioritise convenience over security. These customers still want security, but they prefer to access their account via automatic device recognition. The second category represented the flipside – the 10% of people who place a very high value on security and prefer the idea of a one-time password. The remaining 60% land in the middle and are willing to make tradeoffs in both convenience and security. Once companies have ascertained which of the three categories a customer belongs in, data analytics can be used to apply customer preferences across the elements of authentication.
We live in complex times - simultaneously the eras of The Customer, Cyberwarfare and Personalisation. Companies need to be more mindful than ever of security measures but at the same time should be looking to re-engineer them from the customer's perspective. Only then will they be able to provide adequate security while still maintaining great CX
Photo Credit: Christoph Scholz