Survey quantifies willingness of customers to move their business following ransomware attacks


A survey of 2,000 consumers in North America, UK, France and Germany reported that 37 percent will switch to a competitor company if systems are not back online within 24 hours of a ransomware attack operational disruption, and 66 percent will turn to a competitor if systems are not restored within 3 days. 59 percent would ‘likely avoid doing business with an organization that had experienced a cyberattack in the past year’, and more than 80 percent reported sharing their negative ransomware-related experience with family, friends and colleagues.

The survey also revealed that banking and communications providers are at particular risk of losing consumers due to a breach, with nearly half reporting they would immediately move to a competitor if their bank or securities provider experienced a breach that impacted operations. Forty three percent would do the same for their telecoms provider.

However, there is a positive message for companies. More than half of survey respondents said they would pay more for products from banking and securities providers that were believed to be more secure, and 40 percent said the same about healthcare, insurance and retail category companies.



These survey results are in line with Cyberhedge findings that ransomware is the most damaging and costly type of breach event for companies and their shareholders. While data breaches involving loss of personal information impose costs to companies such as systems repair costs, fines and paid monitoring service for affected users, operational disruptions are normally much more damaging to companies’ bottom lines.

This is clearly illustrated by the finding that more than one third of customers would leave for a competitor due to systems being down for 24 hours. This should be a wake-up call to companies about the critical importance of making the necessary investments into their overall cyber governance that lowers the probability of such an event occuring. Companies spend huge amounts of money on customer acquisition costs so protecting against the loss of a significant number of customers and their recurring revenues should be a clear strategic priority.

C-suites should pay close attention to the finding that around half of customers would pay more for products that are believed to be more secure. This validates a core Cyberhedge view that IT security should be thought of not as a cost item to be squeezed as much as possible, but as a differentiating factor that companies can use to increase revenues, margins and outperform.

We use cookies to make our website more user-friendly and effective

The Cyberhedge Indices Cookie Policy

What are the Cyberhedge Cyber Governance Indices?

These first ever benchmarks prove good cyber governance matters to shareholder value. They measure stock market performance of companies with good and with bad cyber governance scores. Scores are based on Cyberhedge’s proprietary cyber governance rating methodology. Market performance is tracked by an independent firm. The results show that companies with good cyber governance outperform their peers in US, UK, and EU markets.

Information that we collect

Here you can see and customize the information that we collect about you. To learn more, please read our privacy policy

Continue on website