Photo by ijeab on Vecteezy
Opinions expressed by contributors are their own.
As our daily lives move increasingly into the cybersphere, so have malicious digital actors proliferated, seeking to exploit vulnerabilities in cybersecurity systems to extract sensitive commercial and personal data.
According to the ID Theft Center’s Annual Data Breach Report, incidences of cyber security breaches in the US increased 72% from the previous alltime high in 2021, affecting a staggering 350 million customers.
It’s a trend repeated in the UK, where half of businesses have reported breaches and attacks in the last 12 months, according to a UK government report from April 2024.
Unsurprisingly, larger organisations, who often hold the most commercially valuable information, are most at risk. According to the same report, 74% of large and 70% of medium businesses have reported incidents.
But while the business need to protect sensitive data from malicious actors is clear, there is a second side to the story that is often overlooked: customer trust.
Customers are now more exposed to the impact of cybersecurity breaches than ever before. According to Bitdefender’s 2024 Consumer Cybersecurity Assessment Report, 24% of customers experienced a cybersecurity incident in the year 2023.
And in one of the report’s most surprising findings, young people were much more likely to experience a cybersecurity breach: 37.5% of 1624 year olds reported a security incident in 2023, compared to just 11.9% of people aged 55% or over.
It’s more important now than ever for companies to establish robust cybersecurity systems not only for regulatory compliance, but also to reassure the more digitally conscious — and vulnerable — generation that their sensitive personal information is in safe hands.
Addressing the cybersecurity threat
As the number of highprofile cyberattacks increases, it’s no surprise that bolstering corporate cyberdefences is at the top of the legislative agenda for European governments.
Announced during the King’s speech in July of this year, Sir Keir Starmer’s new Labour government has pledged to deliver a Cyber Security and Resilience Bill, expected to be put before Parliament in 2025.
The Bill would address the ‘urgent update’ needed to British cyber legislation that has reportedly fallen behind those of the EU, from whom the UK’s current set of regulations are inherited.
The regulation the Government is referencing is the EU’s NIS2 Directive, an update to the previous NIS Directive passed by the EU Parliament in 2022 which will require companies in critical sectors to implement cybersecurity policies and training, in addition to stringent reporting requirements in the case of a cyber breach.
Getting ahead in cybersecurity to build consumer trust
But while the imperative for businesses to align with new governmental cybersecurity regulations is clear, there are a number of benefits to going beyond the legal minimum.
According to PwCs 2025 Global Digital Trust Insights survey of over 4,000 businesses and technology leaders, 57% of executives believed cybersecurity gave their companies a competitive advantage.
And their beliefs are well justified: according to a report published by McKinsey, 85% of consumers believe that knowing a company’s data privacy policies are important before making a purchase.
In fact, the World Economic Forum has gone as far as to argue companies should treat cyber security as a ‘strategic tool’ to build trust with customers.
Take Dahua Technology, for example, which has implemented a suite of measures including vulnerability management and incident reporting policies, cryptography and encryption measures, product security management and risk assessments policies to ensure the company is fully compliant with NIS2.
Dahua has since announced it has been awarded the Common Criteria EAL 3+ certificate, along with certificates for Information Security Management System, Privacy Information Management System and CSA STAR certifications, demonstrating to its customers a commitment to meeting the highest standards of information security and privacy protection.
Conclusion
As cybersecurity incidents proliferate, it’s no surprise that customers are increasingly concerned that the companies they entrust their personal data with are well placed to protect it.
Going beyond the minimum requirements for cybersecurity compliance by achieving internationally recognised certifications, as Dahua Technology has done, is an effective means of building consumer trust by demonstrating commitment to the highest standards of cyberprotection.
