New research from Akamai reveals that most UK shoppers would refuse to buy from an online retailer that has suffered a data breach. Credit: Thinkstock UK retailers that suffer cyberattacks risk losing customers who have certain expectations about the security of their personal data, new research from Akamai has revealed. What’s more, those that do suffer data breaches could face action from customers seeking compensation. The findings come in the wake of new guidance from the UK’s National Cyber Security Centre (NCSC) designed to help online retailers protect themselves and their customers from cybercriminals.Cybersecurity a key dampener of British consumer confidence in retail sectorAkamai’s findings come from YouGov data of 2,171 UK adults and reveal a distinct connection between customers’ perceptions about a retailer’s cybersecurity and their spending habits. The majority (59%) of online shoppers surveyed said they would stop shopping at a retailer if it was the victim of a cyberattack, whilst 49% stated they do not trust retailers to keep their personal details safe and 46% would expect compensation from a retailer following a breach.Furthermore, 70% of online shoppers said they assess how secure a retailer’s website looks before buying with 91% claiming they would abandon their shopping cart if a website did not appear secure enough. The majority (59%) also said they would tell their friends to stop shopping with a retailer if it had been the victim of a cyberattack, whilst 79% of respondents prefer better data security over a more personalised shopping experience.As for customer expectations around how retailers should address their cybersecurity strategies, 76% of those surveyed said they expect retailers to invest heavily in data protection and security as opposed to educational campaigns or communications (37%). Commenting on the research, Richard Meeus, director of security technology and strategy EMEA at Akamai, said, “With cyberattacks on the rise, it is more important than ever for retailers to ensure their customers feel safe and secure while shopping online. At this time of economic uncertainty, many retailers will be tempted to cut budgets. This research shows that cybersecurity is one area where they cannot afford to cut corners. Consumers are ready to walk out on retailers over bad cybersecurity.” UK retailers urged to ditch password-only authentication, tackle website spoofingIn September, the UK NCSC published two pieces of new guidance for online retailers to help them improve cybersecurity and protect themselves/customers from cybercriminals. The first focused on helping UK organisations select appropriate methods for authenticating their customers beyond relying on passwords, which can be easily stolen and exploited. Instead, the NCSC said that online retailers should implement additional methods of authentication, which make abusing customer accounts more difficult for criminals. The guidance focused on four enhanced authentication models specifically:Multi-factor authentication (MFA)OAuth 2.0FIDO2Magic links and one-time passwordsThe second piece of guidance was aimed at helping businesses protect their brand from being exploited online, with specific focus on the removal of malicious content such as phishing sites. These typically spoof well-known retailers to exploit brands and customers, leading to false representations of products or services, fake endorsements, and credible-looking malware campaigns, the NCSC stated. Its guidance set out the steps online retailers can take to initiate the takedown of malicious content, which includes contacting abused hosting companies and domain registrars in addition to the mechanics of obtaining the services of a specialised takedown provider. Related content news analysis Cisco unveils AI-powered assistants to level up security defenses New AI-driven tools aim to simplify and bolster policies, alerts and prevention to reduce complexity when setting security policies and assess traffic without decryption. By Rosalyn Page Dec 05, 2023 5 mins Encryption Cloud Security brandpost Sponsored by Microsoft Security How Microsoft and Amazon are expanding the fight against international tech support fraud By partnering with other companies to share vital information and resources, Microsoft is taking the fight to ever-evolving support fraud in 2024…and beyond. By Microsoft Security Dec 05, 2023 1 min Security news analysis Russia's Fancy Bear launches mass credential collection campaigns The campaigns exploit Outlook and WinRAR flaws to target government, defense, and other entities, and they represent a change of tactic for the APT28 group. By Lucian Constantin Dec 05, 2023 5 mins Advanced Persistent Threats Critical Infrastructure Vulnerabilities brandpost Sponsored by Palo Alto Networks Addressing vulnerabilities in OT environments requires a Zero Trust approach Here’s a rundown of why manufacturers are so exposed and how Zero Trust can help solve many security issues. By Navneet Singh, vice president of marketing, network security, Palo Alto Networks Dec 05, 2023 6 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe