Surveys show that customers are more concerned about the security of their personal data than ever before. All organisations are vulnerable so having a robust response plan in place is vital for regaining trust in the event of a breach. Sarah Hewitt from Gallagher and Ciaran Simms from Travelers Insurance offer practical advice.
In an age when a negative post can go viral and a video can reach millions of people in a few hours, reputation management is moving to the forefront of corporate concerns. Brand reputation is valuable to companies because customers see this as representing positive attributes that build trust - and trust leads to sales.
Unfortunately, the opposite is also true. When a brand becomes associated with negative messages, the damage in the marketplace can be extensive.
Increasingly, data breaches can create negative attention for a company, often leaving customers believing that their information has been mishandled because of corporate indifference.
A 2012 Financial Times article pointed to the growing sensitivity of customers, alluding to a survey by PR firm Edelman which found that 70% of customers are more concerned about data security and privacy than they were five years ago, and 85% think that companies need to take protecting data more seriously than they do.
If your company collects and stores data, a data breach is always a distinct possibility.
Consider the following statistics:
Companies hitting the headlines because they have been victims of data breaches are almost too numerous to mention.
Examples include:
British Airways was recently fined £183m after hundreds of thousands of customers’ credit card details were stolen - including the number, expiry date, three digit security code or ‘card verification value’ (CVV). Under the General Data Protection Regulation (GDPR), BA’s fine represents 1.5 per cent of their worldwide revenue in 2017.
Not all data breaches are due to malicious hacks. Marks and Spencer apologised to customers after its website experienced a technical error that allowed customers to see each other’s personal details.
Marriot International hotel group was involved in a data breach when a hacker stole information of up to 500 million customers.
Yahoo admitted it had been hacked three years ago, and 3 billion of its records had been breached with all users being affected.
What can companies do to protect their reputation in the face of data breaches?
Many experts agree that the most effective protection for your reputation is to consistently follow best practices when conducting your business. However, bad things can happen to good companies - especially when it comes to data integrity in an era of hacking, viruses, spyware and malware. Therefore, it is important to be prepared.
The plan should lay out timelines and responsibilities so that key decisions do not have to be made in the heat of the moment.
A data breach can cause the erosion of a brand and the consequences for businesses, such as a lack of trust and loss of customers, need to be kept in mind. To help manage and mitigate these risks, it is critical to formulate a plan and be prepared.
Sarah Hewitt is director in the Major Risks Practice of Gallagher.
Ciaran Simms is a technology underwriter with Travelers Insurance.