Banking on trust:
How consumer banking behavior is swayed by security
Cybersecurity posture influences bank choice for 1 in 5 consumers
36%
admit a major data breach would
make them think twice
80%
of consumers believe banks should
provide bank staff with comprehensive
cybersecurity training that focuses on
identifying and mitigating cyber risks
85%
of consumers consider it important
or very important for their bank to
provide such training to interested
customers
Security. Loyalty.
Persuading internal stakeholders to invest in cybersecurity can be mildly rage inducing. But it’s more than another line item on your tech procurement docket—it’s the cornerstone of your organization’s integrity, playing a pivotal role in protecting your data, your revenue, and, most importantly, the trust you’ve built with your customers.
If you’ve landed on this page, it’s likely safe to assume we’re preaching to the choir. But let’s flip the script for a moment and consider the customer’s viewpoint. Cybersecurity isn’t just about behind-the-scenes safeguarding; it’s also about openly valuing customer data and using it as a competitive advantage. But, how much notice do they take of your cybersecurity policy? Does it weigh heavily on their decision when choosing or changing a bank? And if the unfortunate happens and customer data is compromised, does a bank’s response have an impact on customer loyalty?
We asked 1,000 US and UK consumers to gauge the magnitude of how much cybersecurity posture influences their behavior.
You’ll find the key insights on this page. And you can download the full dataset…here! 👇
Access the full study insights to discover the future of cybersecurity training tailored to today’s digital workforce.
Consumer taste for security
STAT: 36% admit a major data breach would make them think twice
Picture this: a bank that offers great rates and has a solid, publicly discernable cybersecurity posture.
It might not be the first thing to catch the eye, but for 23% of consumers, it’s an important factor. While 41% don’t actively consider it, 36% admit a major data breach would make them think twice.
Banks have a unique opportunity to shine a
spotlight on their cybersecurity efforts and, by extension, attract customers who value peace of mind.
Is cybersecurity a factor in your decision to choose a particular bank?
Which of the following do you think is true about a bank’s responsibilities? (Select all statements you agree with)
Compliance à la carte
STAT: 80% of consumers believe banks should provide bank staff with comprehensive cybersecurity training that focuses on identifying and mitigating cyber risks
Consumers are setting the table with sky-high expectations for banks’ cybersecurity responsibilities. While 31% believe banks can get by with just meeting legal and compliance requirements, a significant majority are hungry for more proactive measures.
80% of consumers believe banks should provide bank staff with comprehensive cybersecurity training that focuses on identifying and mitigating cyber risks, as well as preventing data breaches. And 84% believe banks have a responsibility to offer the same resources and guidance to help customers stay safe online and avoid falling victim to scams.
In a world where threats can emerge and escalate at an alarming rate, customers are increasingly expecting cybersecurity support that goes beyond the bare minimum and adapts to the fast-changing tactics of scammers.
Oz Alashe MBE
CEO and founder of CybSafe:
“Consumer expectations surrounding cybersecurity readiness at their banks are changing. While customers feel financial institutions are generally doing a good job of prioritizing security, there is a growing demand for them to move beyond compliance towards a more holistic approach.”
“With nearly a quarter of banking customers claiming they consider a bank’s cybersecurity preparedness before banking with them, customers want their bank to go that extra mile, and prioritize building a foundation of trust and resilience throughout their customer base.”
“This research gives important insights into shifting consumer behaviors, emphasizing how customers want to feel empowered through their provider to confidently navigate the digital age. Cybersecurity in banking is no longer just about protection. For an increasing number of customers, it’s a market differentiator.”
The cherry on top
STAT: 85% of consumers consider it important or very important for their bank to provide such training to interested customers.
In a crowded banking landscape where providers are trying to gain an edge over competitors, offering online safety and scam prevention training to customers could be a clincher that sets a bank apart. 85% of consumers consider it important or very important for their bank to provide such training to interested customers.
Breaking it down further, 42% deem it very important, while 43% see it as important. Only 14% see no value in this extra layer of customer care.
The numbers don’t lie: consumers are increasingly aware of the cyber risks associated with banking, they want to feel empowered to navigate the online world with confidence, and they’re looking to their banks to be their guides.
But it’s not just about checking a box or offering a generic tutorial. To truly meet consumer needs, banks will have to provide supporting, engaging, actionable content that speaks to the real-world risks customers face.
Jason Nurse, Director of Science and Research at CybSafe, reacted to the research, saying: “These findings show customers want their banks to recognise and embrace cybersecurity as a key part of today’s banking landscape. With Forrester predicting that 90% of data breaches will include the human element in 2024, it’s clear customers want their banks to adopt a holistic approach to cybersecurity – one that goes beyond the bare minimum of compliance, to incorporate more progressive human risk management activities.”
“In a world where data breaches and scams are all too common, proactive cybersecurity support from banks can be a powerful differentiator.”
How important is it to you that your bank offers training about staying safe online and online scams to customers who want it?
Access the full study insights to discover the future of cybersecurity training tailored to today’s digital workforce.
Access full study now
Biographies
Dr Jason Nurse
Director of Science and Research, CybSafe
Dr Jason Nurse is the Director of Science and Research at CybSafe, and he is also an Associate Professor in Cyber Security at the University of Kent.
At CybSafe, Dr Nurse leads a team of behavioral scientists and researchers responsible for ensuring that the company’s product is grounded in scientific evidence and empowers users to make smarter security decisions and build better habits.
Jason has spoken at venues across the world, and has contributed to (or featured in) mainstream media such as the Wall Street Journal, The BBC, Newsweek and Wired. Prior to CybSafe, Dr Nurse has engaged in research into human cyber risk, security behaviors, and cyber psychology, at the Universities of Oxford and Warwick; with his PhD specifically focused on organizational cyber security.
Oz Alashe MBE
Chief Executive Officer, CybSafe
Oz leads CybSafe. He has been the driving force behind CybSafe – the concept, vision and platform.
A former UK Special Forces Lieutenant Colonel, Oz is focused on making society more secure by helping organisations address the human aspect of cyber security.
Oz has a deep background in the areas of intelligence insight, complex human networks, and human cyber risk & resilience. He’s also passionate about reducing societal threats to stability and security by making the most of opportunities presented through advancements in technology.
Oz was made an MBE in 2010 for his personal leadership in the most complex of conflict environments.
Oz chairs the UK Government’s (DCMS) Cyber Resilience Expert Advisory Group. He also sits on the Advisory Board for the Research Institute in Sociotechnical Cyber Security (RISCS). And he’s an Expert Fellow at The Security, Privacy, Identity and Trust Engagement NetworkPlus (SPRITE+), as well as the Royal United Services Institute (RUSI).