By Stephanie Faris - March 12th, 2015
There are few moments when a company is more vulnerable than after their customers' data has been hacked. It’s almost impossible to escape the media
Even if only a few people have their data leaked, it will shake the trust your customers put in your brand for months, years—maybe forever. (For more insight on better protecting your brand, check out the upcoming Incite Summit: West, May 18th and 19th in downtown San Francisco.) The best way to avoid the embarrassment of a data breach is to avoid one altogether. However, no one is one-hundred percent safe: take the time to put a plan in place to respond if (or when) hackers compromise your security. Frank G. Scafidi, director of public affairs for the National Insurance Crime Bureau, believes that by now, every company should have had such a discussion. Planning for a data breach is part of doing business today, he feels. But even if an organization hasn’t had such a discussion, he emphasizes that it’s never too late to start. “The people in an organization who are the public face or voice, namely the CEO and/or the communications staff, should take real steps to protect their data from an attack,” Scafidi said. “That means charging their IT department or external IT vendor with developing a detailed protection plan and then implementing that plan. It should also have regular updates and revisions as threats and techniques evolve.” The onus is not just on the tech team or their providers, it’s on the people who have to look their customers in the face and tell them why their information is no longer safe. However, once an incident does occur, there isn’t time to hesitate. Here are three tips for managing a data breach with grace.
If you wait for news of your data breach to break, you’re already too late. Instead, release a statement of your own and make it clear you’re launching an investigation. In its recent data breach, Intuit hired its own independent investigative team, which confirmed that the breach did not come through the company’s servers. This type of information can go a long way in maintaining customer trust.
Communicate with Customers
In the days following its recent data breach, Anthem communicated every day with its customers, even assuring them they’d offer identity theft protection. When customers can obtain information directly from the source, they’re less likely to rely on what the media is saying about the incident.
Publicize Future Plans
In early 2014, Target dealt with the backlash from one of the most publicized data breaches of all time. Instead of toiling away behind the scenes, Target joined forces with other big brands to form the Retail Cyber Intelligence Sharing Center. This resource shows the consumer market that retailers are in control, not cybercriminals. When a business suffers a data breach, it can be devastating. But it can also create an opportunity to show customers that you put their needs first, and will do whatever it takes to protect their personal information. In a perfect world, our servers would be impenetrable and our customers’ information safe. The reality is, no matter what we do, they aren’t and it’s not. When you’re facing an incident like this, it doesn’t have to be a total PR nightmare. Strive to be as open as possible, and you’ll salvage or even build trust in your brand. (For more insight on better protecting your brand, check out the upcoming Incite Summit: West, May 18th and 19th in downtown San Francisco.)