Management / #TEISS16: Balancing a smooth customer experience and good cyber security
#TEISS16: Balancing a smooth customer experience and good cyber security
25 February 2016 |
With consumers demanding more than ever from firms both in terms of customer experience and cyber security, it can be difficult to strike a balance between the two.
A panel at The European Information Security Summit 2016 discussed what businesses need to consider when making decisions concerning security and productivity.
BT chief privacy officer Mark Keddie said: "It's fair to say that the relationship between privacy and security has never been more in the headlines in the telecoms business."
He alluded to the recent cyber attack on TalkTalk, which was just one of a series of breaches at businesses that have exposed customers' information.
Internet service providers (ISPs) are in a special position, he explained, because they capture so much data on individuals' browsing habits and online activity.
"An ISP can build up a picture of your life very quickly," Keddie said.
"You have that freedom to move around the internet and there's a duty to keep that information safe, and that's why recent incidents have made the headlines... It comes with an expectation of reliability, safety and performance."
The financial industry also processes large quantities of sensitive customer data.
Nationwide Building Society group risk director Michele Faull said the challenge is striking a balance between keeping customers safe and providing a good level of service.
She said security is "a fundamental assumption" when customers join a bank.
"I can't imagine any bank asking, 'Do you want a safe bank or a bank that's not quite as safe?'" she said. "I think it's a given.
"People expect their bank to be safe and secure, and we have not yet really seen the effect of a cyber attack successfully on a bank and we're all working very hard to keep it that way."
She added that sometimes customers can complain about security measures that complicate the customer experience, but that it is the duty of organisations to explain why these are in place.
"What not everybody does yet is make the link between the hoops they feel they have to jump through to use the product and how they make that product safe," Faull said.
But customers are not the only ones demanding a good level of information security.
When offering tickets on big-name events, the aforementioned balance between security and service is extremely important for events website Ticketmaster.
"When we work with large organisations, such as the Olympics, there are a huge number of hoops we have to jump through," said its senior director of information security Nick Green, referring to targets involving security and performance.
That said, consumers can demand explanations when cyber breaches hit the headlines.
This can mean businesses have to reassure their customers when similar firms suffer breaches or when people discover vulnerabilities in services.
"We very actively work with PR to address those concerns from the public," Green said.
"We also have security professionals who come to us and spot a bug in our site and we work to resolve those issues."