New report reveals what consumers want after a data breach – and what they’re not getting
A new national report by Hall & Wilcox and Porter Novelli has uncovered a growing disconnect between how Australian consumers expect organisations to respond during a cyber incident and what business leaders believe is ‘enough.’
The report, Beyond the Breach: aligning consumer and business expectations in cyber incident response, brings together the perspectives of everyday Australians, C-suite leaders and board directors to explore how expectations around cyber breach response have evolved and where the gap lies.
Based on research conducted with Quantum Market Research, the report offers a deep dive into the emotional, reputational and legal risks of cyber security incidents, alongside practical insights for leaders.
Australians want faster, clearer answers
The research found that 75% of Australians now value the privacy of their personal data more than the convenience of online services – a 12% rise since 2023. Yet fewer than one in five (20%) believe organisations are doing enough to protect that data.
Trust continues to erode. Only 2% of consumers trust organisations that take a minimal, compliance-only approach after a breach. But, when organisations act quickly, clearly and with empathy, trust improves significantly – with 25% of consumers saying they would engage with that organisation again.
Eden Winokur, Partner and Head of Cyber said ‘privacy has never been more important to individuals. Meeting expectations following a cyber incident can be challenging, even when a company is transparent and works to provide information urgently. This challenge can be exacerbated by the complexity of investigating the scope of a cyber incident’.
‘We’re seeing greater scrutiny from consumers, regulators and the media. Organisations that treat cyber response as just a legal box-ticking exercise are missing the bigger picture – this is about trust, reputation and relationships.’
Key insights from the report
- Trust is fragile: just 20% of Australians believe organisations are doing enough to protect personal data, down from 41% in 2023.
- Emotional impact is real: 45% of Australians impacted by a breach reported emotional distress, with 10% needing time off work.
- Speed matters: only 46% of consumers felt they received timely information after a breach.
- Disconnect in expectations: 100% of business leaders agree transparency is expected during a cyber incident, but only 50% say organisations should go beyond legal minimums.
Three ways to close the trust gap
The report offers three key actions business leaders can take to improve their cyber breach response and strengthen stakeholder trust:
- Communicate faster and smarter
Understand what ‘timely’ means for your specific audience and risk profile. High-profile brands need to be ready to respond in near real-time. - Go beyond legal obligations
Consumers consistently reward organisations that go the extra mile. Transparency, independent reviews and proactive support make all the difference. - Lead with empathy
Cyber breaches have a real human cost. Communicate clearly, acknowledge the impact and offer meaningful support.
Every organisation will face a cyber incident, but not every organisation will be prepared. Those who invest in their response, plan for the customer experience and lead with care will emerge stronger.
Hall & Wilcox is proud to be at the forefront of cyber incident response, supporting clients through preparation, response and recovery with legal, strategic and human insight.
Contact
Media contact
