Help protect your reputation in a data breach crisis
January 6th, 2015
The reputational impact of losing sensitive customer data or the threat of cyber attack can be devastating. With a bit of planning small business owners can be better prepared for online threats to their business.
The reputational impact of losing sensitive customer data or the threat of cyber attack can be devastating. Whether it’s a laptop left on a train, or a hacker getting into an IT server, with a bit of planning small business owners can be better prepared for online threats to their business. So what do you do when such an issue threatens your business?
Here are three steps you can take:
1. Think about who you need to help you during a potential crisis
However formal or informal, make sure you have the right people ready to help you. A significant part of a crisis situation will be careful reputation management, so you will need someone with crisis communications experience.
Many small businesses will not have this expertise in-house but you can hire specialist PR consultants to help you communicate to your customers and other stakeholders. Other essential expertise includes IT security, and key customer-facing, legal and human resources staff or consultants.
2. Tighten your communications channels
Bad news travels fast (even when it’s not true). You might find yourself the centre of attention when you have never been before. Now is the time for careful co-ordination.
Your PR adviser will help you build statements and updates for customers and other key stakeholders. Make sure your staff are briefed and that all media enquiries are directed to your PR adviser. Politely ask your team not to discuss the issue on social media too.
3. Start to get a grip on the facts and plan accordingly
Crises can take time to unwind – it could be days, weeks or months before you know the full story. Set aside dedicated time and space to focus on the situation and build up a picture.
What data has been compromised? How did it happen? Are your systems now secure? Will it happen again? What are the legal and regulatory obligations in all the jurisdictions you operate in? What do you need to do to restore trust with your stakeholders?
Central to all of this is a strong and positive approach from you and your team. It’s important that you take responsibility for the crisis and draw on your business values. Take charge and act with consideration for adversely affected customers at all times. At Hiscox this would mean acting decisively and being as good as our word.
For more information on Hiscox’s cyber and data insurance product, click here.