Brand Impact May be Significant
The impact to a company's reputation and brand may be longer lasting than the actual damage done by the data breach, according to marketing expert Linda Popky, president of Redwood Shores, CA-based strategic marketing firm Leverage2Market Associates, and author of the new book Marketing Above the Noise: Achieve Strategic Advantage with Marketing That Matters.
"We expect the brands we trust to take good care of the data we provide them," she said. "When a breach occurs, it's important for the organization involved to respond quickly to notify those who may be impacted.
"Clear, ongoing communications are critical to assure the public that the organization is taking the necessary steps to improve security, as well as to take care of anyone involved who may have been harmed because of this action."
Prevention is Key
Operations expert Rebecca Morgan, President of Fulcrum ConsultingWorks, Inc. in Cleveland Ohio, says, "Effective disaster planning includes prevention, minimization, and follow-on activities. It considers physical disasters, market crises, and data failures."
Morgan adds, "While a fire may create sympathy, a data breach, hack, or "kidnapping for ransom" is likely to create fear and anger. Regular verified data backups are fundamental, and a communications, PR, and impact-minimization strategy is equally important for your business partners.
"It's not easy to earn trust in the first place, but a negative event that harms your customers and suppliers can make it almost impossible to earn back. If your extensive prevention activities do fail, err on the side of quickly protecting your business partners, perhaps even those you later discover were not harmed," Morgan advises.
Stay Alert for Hack Attacks
Dr. Maynard Brusman, a consulting psychologist, executive coach, and workplace expert specializing in emotional intelligence and mindfulness-based leadership development, www.workingresources.com notes, "Can anyone truly prepare for a crisis? One can purchase insurance or plan an escape route in case of a fire. Imagine reaching for your mobile phone and not only being locked out from using it, but you also see that someone is controlling it remotely and making very expensive purchases."
According to Dr. Brusman, "Being hacked can be the most stressful modern digital crisis imaginable. Sure, you have a passcode on your phone or virus protection software on your computer; however, if either fails, you will be stressed-out and in crisis mode. Create passwords that are unique. Keep your computers and mobile devices updated with the latest updates. It's important to keep your computer updated to receive the latest security fixes and have some peace of mind."
Time to Up the Game in Software Discipline
"Cybercrime has evolved to a dangerous point with a number of hierarchical underground organizations," points out Alan Willett, president of Oxseeker, Inc. "This has gone beyond isolated, bored programmers. The cybercrime organization is good at what they do, and they keep getting better.
In brief, there are three critical action items, Willet notes. First, software developers must radically improve their defect management methods. Many data thefts are due to backdoor defects. Second, the purchasers must hold the developers accountable for eliminating these backdoors. They must start asking the hard questions about quality prior to purchase.
Third, he notes, "As a society, both ethically and legally, we must begin to consider software development as an engineering discipline. It is ridiculous that when we ‘accept' terms and conditions for software, we effectively say, ‘yes, we know you wrote defective software, and we are okay with that.'
"Of course, the cybercriminals will keep getting better. The challenge we face is to outpace them. I absolutely believe we can. Now, let's prove it!"
Strengthen Security Within the Supply Chain
"As Target, Home Depot and several others have proven, our data is vulnerable," points out Lisa Anderson, known as The Manufacturing ConnectorSM and President of LMA Consulting Group, Inc., Claremont, CA. "Since customer service is a top priority for those companies that want to thrive, a data breach would be unacceptable."
"A few common sense approaches can go a long way. Outsource or hire top-notch talent to protect your IT systems. Make sure you have a process in place to stay on top of the most likely threats. Ask for updates and show executive commitment. The bottom line is making it a priority.
"Remember, the interconnectivity of customers and suppliers with supply chain partners is prevalent. Consider collaboration and sharing of resources to strengthen your position," Anderson adds.
Plan for Public Disclosure
According to SAC CEO Alan Weiss, PhD, "Never commit potentially damaging or intimate sentiments to email."
"Understand that, however unlikely, anything you write electronically or say on your phone may be captured by someone else and published. The right to privacy has been pretty much obliterated by the ability to access," Weiss noted.