Rebuilding Trust after a Breach
Trust is something that can take years to build and nurture, only to be destroyed by one event. That one event for some businesses is a data breach.
Rebuilding trust in a consumer/business relationship can be tough but doable. In the past few years, we have heard the endless list of organizations and businesses that have experienced breaches. How did those companies rebuild the fragile pieces of trust back up again?
The names Facebook, Equifax, Target, Wells Fargo, and Uber probably spark recognition not just for what products or services they deal in, but also due to data breaches that have occurred in the past few years. Despite the fact that cybercrimes and data breaches have become a way of life lately, consumers are still wary even months after a breach.
The statistics are staggering on how many Americans have heard of, or experienced, a data breach personally. According to Pew Research Center, half of Americans feel that their personal information is less secure than it was five years ago. Even more so, 64% of American adults have experienced data theft via credit card, account number, email account, social media accounts, Social Security number, loan, or tax return compromises.
The potential loss of customers and loss of reputation has encouraged many businesses to take a proactive stance in trying to prevent a potential breach. In spite of rigorous planning and security safeguards, some companies will still fall victim to anti-malware, antivirus, malicious hacking, or ransomware that jeopardizes the personal data of your most loyal customers.
What actions should a company take in the days and weeks following a data breach? Here is a straightforward guide to the most important steps that will help you start rebuilding that trust.
Once your company has become aware of a data breach, you should employ a team of forensic specialists who can root out the cause or causes in order to neutralize them. Be sure to document what steps you have taken and how you will continue to discover where the vulnerabilities lie.
Follow Notification Laws
Your IT department should know what legal obligations you have to notify both the authorities and your customers of a breach. You will want to be as transparent as possible when explaining what went wrong and how you plan to make it right. Be sure you are up-to-date on notification laws. Consulting a company attorney or one that specializes in data breaches and cyber security issues can guide you along during this part of the rebuilding.
Communicate, Communicate, Communicate
This step can not be stressed enough. Communication should take place at multiple levels. Communicate with your IT department, lawyers, and corporate leaders about the steps you are taking to stop the vulnerability and restore data. Communicate with consumers about what happened, how it happened, and what you are doing to rectify the situation. Communicate with the authorities about what you know regarding the breach. Outline the ways you are informing consumers of the data breach. Give concrete responses to how you will handle the situation so that it does not happen again. There is no need to go into great detail but enough to make it clear that you have worked with tech specialists and know what you are talking about.
We invite you to look at three case studies including the Facebook Data Scandal, Wells Fargo Incentive Violations, and the Uber Cover up in the Kirkpatrick Price article Rebuilding Trust After a Data Breach. Learning from the mistakes of even the largest and more secure businesses can help you down the line in the event this ever happens in your business.
Do you need a risk assessment or security protocols to be beefed up at your business? Contact Spectra Networks at 978.219.9752 or visit our website.