Nearly 1 in 3 Consumers Stopped Doing Business With a Company Known to Have Compromised Cybersecurity, Says New ISACA Study

Schaumburg, IL, USA —In recognition of Cybersecurity Awareness Month, ISACA recently released the results from its inaugural consumer cybersecurity research, which reveals a growing sense of hopelessness in consumers who think nothing can be done to protect them from cybercrime. The international study of more than 3,000 consumers across the UK, Australia, US and India, found that more than one in three consumers in these regions (37%) has had their personal information stolen by cyber criminals.

Expectations that they may be the victim of cybercrime are high, with only one in three believing it is unlikely to happen.

Worryingly for the companies in these regions that experienced a breach in security of their customers’ personal identifiable information (PII), 33% of consumers report having severed ties with a company known to have experienced a breach.

Regardless of the data privacy regulations across the globe, including the General Data Protection Regulation (GDPR), 36% of consumers surveyed in the US, UK, Australia and India believe companies under-report breaches, even if required by law, and 23% are not confident a business can safely secure their personal identifiable information.

With consumer confidence waning, the research indicates a significant number of consumers in these regions (65%) would be more confident doing business with companies that hire certified cybersecurity professionals.

In addition, 69% of consumers surveyed believe companies should be independently graded on data security practices and the scores shared with the public.

“The prevalence of cyberattacks worldwide understandably leaves an impact on consumer confidence, which in turn has a ripple effect,” says Shannon Donahue, ISACA senior vice president, publishing. “Organizations that prove to consumers that they are bolstering their cybersecurity programs and strengthening their security workforce to protect their customers will differentiate themselves and build digital trust in the process.”

During Cybersecurity Awareness Month, ISACA is providing a 20% discount on its Cybersecurity Fundamentals Online Review Course with the code PRODCYBERMONTH22. To learn more, visit

Additionally, ISACA will feature several cybersecurity sessions at ISACA Conference Europe, taking place 19-21 October 2022 in Rome.

For a complimentary copy of ISACA’s consumer cybersecurity research report and related content, visit


ISACA® ( is a global community advancing individuals and organizations in their pursuit of digital trust. For more than 50 years, ISACA has equipped individuals and enterprises with the knowledge, credentials, education, training and community to progress their careers, transform their organizations, and build a more trusted and ethical digital world. ISACA is a global professional association and learning organization that leverages the expertise of its more than 165,000 members who work in digital trust fields such as information security, governance, assurance, risk, privacy and quality. It has a presence in 188 countries, including 225 chapters worldwide. Through its foundation One In Tech, ISACA supports IT education and career pathways for underresourced and underrepresented populations.