According to a poll taken by KPMG, most consumers would take their business elsewhere if they found out that a company had suffered a cyber-attack or data breach. The findings come at a time when consumers are spending more time and sharing more of their data online. Nine of 10 respondents said they would be wary of sharing personal or financial information with a company that had suffered such an incident, and over two-thirds are more worried than ever about their data being breached. Phishing and spear-phishing are the most common kinds of attacks consumers face, and brands or companies are likely to get the blame for successful attacks on consumers even though it is the email recipients themselves who make the mistake of clicking through. KPMG advises that restoring consumer confidence requires a focus on internal security to mitigate the threat of data breaches, and closer engagement with customers to educate them about the threat from phishing and social engineering attempts to impersonate their brand. Companies need to focus on incident response, staff training and awareness, and governance and accountability.