For years now many organisations have approached data security with a sense of reluctance. Driven to adopt policies through a need to comply with complex regulations and a fear of picking up a fine through falling foul of the latest rules. Just look back at the amount of marketing we have seen around the launch of the GDPR this year, all of it relentlessly focused on the size of the financial penalties and, largely, adopting scare tactics designed to catch the eye and provoke pangs of guilt.
This approach has, undoubtedly, helped to create a mood whereby organisations realise they can't ignore data security matters, but continue to invest somewhat reluctantly. The idea seems to be to spend as little as possible and to do just enough to comply. After all, it's hard for any of us to get excited about spending money when we feel we are forced to. Think about taxing your car, paying for a TV license or buying an insurance policy – not exactly the sort of transactions that set the pulse racing!
But imagine if we lived in a world where security was cool. Imagine there was a race to see who could deliver the best customer experience around data protection. Imagine if security was something that businesses wanted to shout about from the rooftops because they were proud of their investment and wanted the world to know about it.
I believe that world may be just around the corner.
The huge amount of publicity around GDPR, coupled with the endless headlines about the latest breach and the stories about possible election interference have turned data security into an everyday topic of conversation for the wider public.
All of those "opt out" emails we've all been receiving as organisations get themselves compliant with the new regulations have really got people thinking about who has their personal data and what happens to it.
The evidence is growing rapidly that consumers are now making buying decisions based on how they believe companies will treat their personal data. Gartner is clearly making this assumption in its latest advice.
Then, we see a recent online survey of 10,000 consumers, conducted by the Harris Poll on behalf of IBM (available here) which found that:
75 percent will not buy a product from a company – no matter how great the products are – if they don't trust the company to protect their data
Cap Gemini have also carried out significant research on the topic this year and its survey into Security in the Retail Sector (available here) concludes that:
40 percent of consumers would be willing to increase their online spend 20 percent or more if their primary retailer gave them assurances around data protection
It is clear that consumers are putting data security high on their list of buying criteria. Higher than environmental concerns it seems – and we have seen how "green" initiatives have dominated marketing and strategy decisions in businesses in recent years.
So who will be first to embrace this new world? When will we see a CEO using customer data security for competitive advantage in the market? When will we see a TV commercial for a supermarket that says "shop with us because we promise to protect your personal data" instead of "shop with us because our prices are low"?
The phrase "We guarantee to keep all of your personal data encrypted" might just help to drive up the bottom line for more than a few businesses in the coming months.
As security becomes increasingly recognised as a profit and customer loyalty driver for businesses in all verticals we can watch as fear around compliance stops driving business decisions and market forces take over.
We might even see people buying security solutions with smiles on their faces – or is that taking it all a little too far?