Digital reputation: How can SMEs reassure consumers about cybersecurity?

Trust matters online. Consumers need to know their personal data is secure, but what actions do they expect from the brands they shop with? We examine which factors are most important in building a good digital reputation. 

Research shows that web users in Canada expect brands to treat their personal data with respect. They are also more likely to shop with online companies that they trust; that’s why building a strong digital reputation is important.

Of course, companies must comply with data protection laws, but it can be hard for customers to assess how safe a brand is beyond that. Research consistently shows that people look to other people for advice, relying on online reviews and recommendations from friends and family. So what can brands do to show they take data protection seriously?

To understand more about how small-to-midsize enterprises (SMEs) can manage their digital reputation, we surveyed almost 1,000 web users in Canada. Last time, we looked at consumer attitudes and actions around online privacy. In this article, we explore how brands can demonstrate their trustworthiness to potential customers online. You can scroll down to the bottom of this article for a full methodology.

How well do web users recognize cybersecurity risks?

Overall, people responding to our survey showed high awareness of the risks related to online crime, data loss, and scams. More than one-third (36%) said they are extremely concerned about cybersecurity, with another 46% saying they are moderately concerned. Only 3% said they have no concerns at all. This is hardly surprising, given that 31% of respondents say they have been the victim of online scams such as buying fake products.

For many, fears about cybersecurity are growing. While 48% said their level of concern is around the same as it was a year ago, 45% said they feel more worried. This latter group identified a range of reasons for the increase, including the fact that attacks are becoming harder to spot, as well as increases in the frequency of various attack types.

Any brand that operates online should know that customers are concerned about their data and what might happen to it if it fell into the wrong hands. This is why digital reputation is important for consumers, as a large majority (87%) report preferring buying from companies with a reputation for protecting customers’ personal information. 

How do consumers know how secure your site is?

Companies can draw on many tactics to make the online shopping experience safer, but by far the most reliable in consumers’ eyes is a payment security system. 75% said this would be in their top three features that reinforce trust before carrying out an online payment, followed by data encryption (chosen by 46%), and assurances around data security, such as demonstrating compliance with GDPR and being transparent about how cookies are handled (36%).

According to our research, by far the most common way in which web users gauge the trustworthiness of a brand is through other people. In fact, reading online reviews from other customers was the most frequently given security measure that people take when shopping online. This came slightly ahead of general research about the company’s digital reputation and asking friends about how reliable a brand is.

Overall, people were less likely to look at objective measures of how secure a website is, such as the security certificates it has or whether the site has security accreditation such as badges and quality seals.

65% of people say they moderately trust these badges and seals and only 7% say they trust them completely. Those who don’t trust them (13% of respondents overall) say this is because they don’t know if the badges are real or not and that they aren’t aware of the bodies that provide the accreditations.

How transparency can help your digital reputation

In our survey, web users consistently say they expect transparent communication about data security from the brands they transact with.

The vast majority expect companies to be transparent about how they mitigate risks regarding data security. 46% say they want to know exactly how companies are making their data secure, and another 45% agreed, saying they would like to have more information than they currently do regarding a brand’s digital reputation on the topic of data protection. They mostly look for this information to be provided on companies’ web pages or sent via email, either directly to them or as part of a newsletter.

People appreciate total transparency in the event of a data breach or other security incident. The top three actions that people in our survey expected in these situations were:

1. A breach notification (66%)
2. Information on the extra security steps that will be implemented going forward (59%)
3. Instructions on how to secure a user account (56%)

Other steps, such as notifying governing bodies, were less important to customers, but may still be a legal requirement for your business, depending on the circumstances.

Do consumers trust digital data privacy laws to protect them?

Data protection legislation has become stricter in the past few years. Globally, laws like the General Data Protection Regulation (GDPR) in the European Union, and the California Consumer Privacy Act (CCPA) have led the way in setting out standards of practice for handling personal data. Closer to home, the Personal Information Protection and Electronic Documents Act (PIPEDA) regulates how private organizations in Canada collect and handle personal information (of both customers and employees) in the course of their activities.

However, nearly one-third of the web users in our survey can’t say for certain whether these laws had had any effect on how companies handle data. 31% said they aren’t sure if these regulations have enforced better data practices or aren’t aware of them at all. 16% say they have had no effect, and 44% say they have had some effect, though more can be done.

There was widespread support of punishments for companies that fail to meet their data security obligations. Many web users (64%) were keen to see compensation schemes for customers; some (58%) also wanted to see high fines, (51%) suspension of trading rights, and (50%) legal prosecutions for those responsible for incidents.

Is AI affecting consumer trust in companies?

Companies are increasingly using artificial intelligence (AI) to automate some of their business processes. These include providing product recommendations, monitoring email inboxes to filter out spam, and powering chatbots that can interact with customers.

While product recommendations have been common for a long time, new services like ChatGPT, released in late 2022, are disrupting the field by creating realistic text, video, and images based on interactions with humans. This raises many ethical questions about ownership, authenticity, and sourcing of online content.

People in our survey tended to feel neutral about the impact AI might have on the trustworthiness of a company’s digital reputation. But many more said they don’t trust the companies that use it than those who said they do.

In any case, transparency about how AI is used is vital in maintaining trust. 36% said it is extremely important and another 32% said it is somewhat important. Only 6% said it isn’t important at all.

In summary: act responsibly and let your customers know about it

Building a digital reputation as a trustworthy online business is not difficult in concept, although the implementation may be.

Customers expect companies to behave responsibly by applying appropriate safeguards for their data, adhering to good cybersecurity practice, and complying with (and even exceeding) relevant legislation.

A significant part of this responsibility means companies being transparent about the actions they take. They should make it clear to customers how data is handled, what risks are present, and when their data has been compromised; these are the elements that can convince customers they’re dealing with a company with a strong digital reputation.