Your worst nightmare has come true. A security breach is compromising customer data; your company’s name is about to be in the news, and not for the reason’s you want. What’s the real damage, you wonder, going forward? What’s the ultimate cost in terms of sales-loss, dipping stocks and long-term damage to your brand’s reputation?
Security Issues Lead to Reputation Damage
There’s no doubt about it, security issues are bad for business. In 2015, fraud prevention company Semafone found that 86 percent of survey respondents would not do business with a company that was known to have leaked customer credit and debit card information. The average data breach costs a company USD $3.62 million, according to the Ponemon Institute’s 2017 global study sponsored by IBM.
In addition to up-front costs to stop the leak and update security, related expenses can include revenue loss, fines, litigation and, of course, any investment needed to rebuild the brand’s reputation. With the EU’s new data protection rules coming into play this year, these types of costs are only likely to increase. Companies that don’t report security breaches in a timely manner or fail to update their practices following a problem will face new fines, and the increased emphasis on individual privacy will likely make the reputation fallout from data mismanagement even more severe.
Data Breaches Are an Inevitable Part of Doing Business Online
Yet without undermining the seriousness of the situation, it’s important to remember that data breaches happen all the time. Only a few high-profile cases make the news, but UK businesses are constantly under attack and security break-downs occur on a regular basis . Cisco’s CEO, John Stewart, advises business owners to consider an eventual security breach as an inevitability, a matter of when not if. It’s no longer ‘relevant’ to discuss the idea of not being hit, he says; this will just limit the company’s preparedness when it does happen.
It’s worth investing in professional, up-to-date security since this can minimise the frequency of breaches and make it easier to salvage the company’s reputation when one does occur. However, even the best security only makes it harder for attackers to gain access. Human error plays a significant role in many data breaches, and all it takes is one careless employee to bring down the entire system.
What’s the Long-Term Fallout?
Many large companies have seen an initial drop in stock value following a security breach, but the damage is usually short lived. In the US, Target’s well publicised loss of more than 100 million customer records resulted in a 10 percent drop in share value, while TalkTalk’s 2015 breach that exposed customer’s financial information led to an 11 percent decline. However, both companies’ investment profiles bounced back within a few months. Adobe, eBay and Sony Pictures all showed significant stock gains just one year after dealing with a data breach.
Reputation rebound can be trickier. The type and extent of the data breach often affects how much the company appears to be at fault and this can have significant impact on the brand’s image. If security practises are out-of-date or below expected standards, stakeholders are more likely to blame the organisation. Successfully pinpointing and eliminating the source of the problem can also help to restore consumer confidence.
A business’s actions immediately following a breach can have a significant effect on the extent of the reputation damage. TalkTalk was accused of not acting promptly enough to alert customers and many people criticised the company for being unable to specify exactly how many people were affected by the attack. In addition, TalkTalk refused to waive contract termination fees to customers who had had their accounts compromised, offering instead a free upgrade on their account. This policy may have helped to retain customers, but the brand’s reputation took a hit and was slower to rebound than many other companies facing similar issues.
Minimise the Damage
A data breach should be handled like any other PR crisis. The IT department may be responsible for fixing the technical issues, but publicity professionals need to be ready to issue statements, communicate with customers and handle complaints as soon as they appear. Once the breach has happened, it may be too late to designate these responsibilities, so it’s a good idea to highlight the most important risk areas and plan the organisation’s response ahead of time. Avoiding missteps in the immediate aftermath of the breach can minimise reputation damage later on.
It’s important to have a proactive reputation management plan that includes risk assessment and management, as well as content building. This will help prepare the company to respond quickly if a data breach occurs, and it will ensure that there is already a reserve of positive content on the internet to counteract any negative publicity that appears. If your company has a strong and resilient online reputation, it’s likely you will be able to weather the current security problems with only minimal losses.
Your worst nightmare has come true. A security breach is compromising customer data; your company’s name is about to be in the news, and not for the reason’s you want. What’s the real damage, you wonder, going forward? What’s the ultimate cost in terms of sales-loss, dipping stocks and long-term damage to your brand’s reputation?
Security Issues Lead to Reputation Damage
There’s no doubt about it, security issues are bad for business. In 2015, fraud prevention company Semafone found that 86 percent of survey respondents would not do business with a company that was known to have leaked customer credit and debit card information. The average data breach costs a company USD $3.62 million, according to the Ponemon Institute’s 2017 global study sponsored by IBM.
In addition to up-front costs to stop the leak and update security, related expenses can include revenue loss, fines, litigation and, of course, any investment needed to rebuild the brand’s reputation. With the EU’s new data protection rules coming into play this year, these types of costs are only likely to increase. Companies that don’t report security breaches in a timely manner or fail to update their practices following a problem will face new fines, and the increased emphasis on individual privacy will likely make the reputation fallout from data mismanagement even more severe.
Data Breaches Are an Inevitable Part of Doing Business Online
Yet without undermining the seriousness of the situation, it’s important to remember that data breaches happen all the time. Only a few high-profile cases make the news, but UK businesses are constantly under attack and security break-downs occur on a regular basis . Cisco’s CEO, John Stewart, advises business owners to consider an eventual security breach as an inevitability, a matter of when not if. It’s no longer ‘relevant’ to discuss the idea of not being hit, he says; this will just limit the company’s preparedness when it does happen.
It’s worth investing in professional, up-to-date security since this can minimise the frequency of breaches and make it easier to salvage the company’s reputation when one does occur. However, even the best security only makes it harder for attackers to gain access. Human error plays a significant role in many data breaches, and all it takes is one careless employee to bring down the entire system.
What’s the Long-Term Fallout?
Many large companies have seen an initial drop in stock value following a security breach, but the damage is usually short lived. In the US, Target’s well publicised loss of more than 100 million customer records resulted in a 10 percent drop in share value, while TalkTalk’s 2015 breach that exposed customer’s financial information led to an 11 percent decline. However, both companies’ investment profiles bounced back within a few months. Adobe, eBay and Sony Pictures all showed significant stock gains just one year after dealing with a data breach.
Reputation rebound can be trickier. The type and extent of the data breach often affects how much the company appears to be at fault and this can have significant impact on the brand’s image. If security practises are out-of-date or below expected standards, stakeholders are more likely to blame the organisation. Successfully pinpointing and eliminating the source of the problem can also help to restore consumer confidence.
A business’s actions immediately following a breach can have a significant effect on the extent of the reputation damage. TalkTalk was accused of not acting promptly enough to alert customers and many people criticised the company for being unable to specify exactly how many people were affected by the attack. In addition, TalkTalk refused to waive contract termination fees to customers who had had their accounts compromised, offering instead a free upgrade on their account. This policy may have helped to retain customers, but the brand’s reputation took a hit and was slower to rebound than many other companies facing similar issues.
Minimise the Damage
A data breach should be handled like any other PR crisis. The IT department may be responsible for fixing the technical issues, but publicity professionals need to be ready to issue statements, communicate with customers and handle complaints as soon as they appear. Once the breach has happened, it may be too late to designate these responsibilities, so it’s a good idea to highlight the most important risk areas and plan the organisation’s response ahead of time. Avoiding missteps in the immediate aftermath of the breach can minimise reputation damage later on.
It’s important to have a proactive reputation management plan that includes risk assessment and management, as well as content building. This will help prepare the company to respond quickly if a data breach occurs, and it will ensure that there is already a reserve of positive content on the internet to counteract any negative publicity that appears. If your company has a strong and resilient online reputation, it’s likely you will be able to weather the current security problems with only minimal losses.
DOWNLOAD OUR FREE eBOOK BELOW
