By Jay Buerck
In an age of Wikileaks and rampant identity theft, it seems no information is safe, no matter how classified, protected or secret it is supposed to be. In 2011, there were at least 558 data breaches that cost U.S. businesses a total of more than $6.5 billion, according to the Online Trust Alliance. Since you know that hacking and data breaches are becoming more and more common, your company should be proactive to protect against breaches, be aware of reputational risks related to breaches, and understand how to repair the company’s reputation in the wake of a breach or hack.
Protecting Against a Data Breach or Hack
As you are with your company’s online reputation, you must be proactive in protecting against data breaches and hacks. This involves employing the proper security technology to lock down and encrypt the most private information, including confidential company files and consumers’ Social Security numbers and credit card information, being aware of the insider threat, continuously monitoring threats, and addressing vulnerabilities as they arise.
One often ignored issue when it comes to hacking and data breaches is the threat of insiders to a company. Employees have access to private records of a company, and a disgruntled ex-employee could easier than an outsider release such information to the public. To protect against this, there should be strongly worded policies in place to protect against insider threats to information.
Companies should also make sure their websites and information are secured using the proper technology, which must be continuously updated. Also, when vulnerabilities in networks, people and systems are uncovered, they should be addressed swiftly, instead of swept under the rug.
The Effect of Breaches on Online Reputation
As Sony, email marketing firm Epsilon and countless other companies have proven – a company’s reputation can be severely damaged in the eyes of consumers and investors in the wake of a hacking scandal or data breach.
More than 100 million records were stolen from Sony in more than 20 separate incidents last year, through a series of persistent and ongoing attacks. In the wake of these incidents, Sony had to do a lot of work to lockdown its files and reassure users that their information would be safe in the future. The company also had to offer identity theft protection and credit card fraud protection to some consumers whose information was stolen.
On a similar scale, email marketer Epsilon saw information on at least 50 of its customers, which include Tivo, JP Morgan and Target, hacked, affecting tens of millions of consumers. Although there have been bigger breaches of company information, the Epsilon and Sony breaches got a lot of media coverage as they affected a large number of average consumers. Customers of companies such as Target were informed of the breach via email and the coverage incident spread like wildfire on the Web.
Understandably so, investors and consumers’ confidence and trust in these and other companies were shaken as a result of these negative incidents. Additionally, these companies had to deal with much negative media coverage and Internet fury in the wake of these scandals.
Reputation Repair in the Wake of a Breach or Hack
Companies facing a breach or hack large or small must often disclose this information to their customers or consumers, as this is a legal issue related to privacy and they are often obligated by law to disclose such incidents. This means that the public will be aware of this lapse in privacy and must be convinced to continue to do business with this company that has breached their trust.
Many companies choose to offer perks and protections to consumers whose information has been breached, including identity theft protection and credit score reports and monitoring, as an initial step to regain trust. This may sound like a costly maneuver, but imagine the costs individual consumers may face if their identity is stolen or credit cards used without their consent.
Another way to gain consumers’ favor is to explain through a letter, email or website updated the steps your company has taken and will take to protect information better in the future. When you disclose a data breach to consumers, openness is appreciated – and gives you a chance to give a positive spin by highlighting security and privacy initiatives that resulted from a data breach incident.
Prepare, Protect and Repair
A hacking scandal or data breach is devastating for any company to deal with, but certainly not the death knell on your operations. Being prepared and aware of the possibility of a hack or breach is the first step in your company’s data breach action plan. After that, make sure your information, employees and networks are protected and secured. And when a data breach does occur despite your best efforts to prevent it, act immediately to repair your reputation in the eyes of the general public, the media, customers, consumers and investors.