Corporate Responsibility: A Key to Weathering a Breach - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
IT Leadership // Security & Risk Strategy
Commentary
4/22/2019
07:00 AM
Joseph Perry, Director of Research, Cybrary
Joseph Perry, Director of Research, Cybrary
Commentary
50%
50%

Corporate Responsibility: A Key to Weathering a Breach

How a company handles a breach speaks directly to its character during one of the most high-profile times of its history.

The rise of data breaches is well-documented, with thousands taking place every year and at least two or three annually for most organizations. In other words, it’s a question of when, not if, your organization will be affected.

With the element of surprise long gone, so too are any excuses for not having a strategy in place for managing these breaches. And in light of the fact that privacy and cybersecurity are now high profile concerns in the public eye, it’s increasingly clear that any successful strategy will be built on a solid foundation of corporate responsibility.

Let’s take a closer look at why enhancing corporate responsibility is such an important, and often neglected, component of surviving a breach with your reputation intact. Then I’ll share four practical tips to help move the needle in that direction for your own company.

A breach can compromise more than just data

Whenever a breach happens, the most valuable asset you’re losing isn’t the data. It’s the trust among customers and partners that can be gone in an instant and take years to earn back.

Executives who stonewall or try to cover up problems only make the crisis worse, allowing shaken trust over an incident to metastasize into broader, long-term reputation damage.

Even well-meaning attempts at forensics and fixing the problem suffer without status reports and other communications to keep stakeholders informed and reassured. This is just one of many ways your recovery efforts can fall flat if you don’t remember your larger corporate responsibility to your customers, partners and the general public.

Corporate responsibility — including accountability, honesty, proactivity and transparency — makes your organization more resilient and accelerates the process of rebuilding organizational trust and credibility. These principles are the strategic underpinning for a whole range of individual decisions you must quickly make during an unfolding crisis, enabling you to navigate the operational and reputational challenges in tandem for the most coordinated, strategic and effective response to a breach. 

Take the right steps to strengthen corporate responsibility

Principles are great, but they need to translate into actual processes and policies to be of any use. With that in mind, here are four key priorities to embrace:

Be proactive: As I mentioned above, breaches are far too common for an organization to plead surprise or ignorance. That’s why proactively monitoring systems and responding to potential incidents is a key responsibility in order to increase not just your visibility into threats, but your corporate accountability to regulators and the public.

Share updates early and often: Executives need to understand that it’s possible to share interim updates with affected stakeholders, even if events are still unfolding or information is shifting. Some information is better than no information at all, especially in a hyper-social modern digital age where anyone else can fill the information void with rumor or criticism.

Treat customers as partners, not simply recipients of information:  A sense of agency, the feeling that there’s something you can do about a situation and not just endure it, is critically important to psychological well-being, and your customers are no different. During a breach, that means giving your stakeholders meaningful steps to participate in the solution, like patches they can install or help lines and chat windows to report and troubleshoot damage.

Optimize language and communications channels: Jargon can be a barrier that alienates customers, and people also recoil when they feel they’re being talked down to like children. So calibrate your communications to customers by finding a middle ground between jargon and overly simplistic language. Also, make sure you give them multiple options to share information, so they know you respect their platforms of choice (phone, chat, email, social platforms, etc.) rather than forcing them to adapt to yours.

Ultimately, the way we handle a breach speaks directly to our character in one of the most highly-scrutinized, high-profile moments of your company’s history. Corporate responsibility is the ethical and procedural road map that can help, guiding your decisions and creating opportunity out of what could otherwise be catastrophe.

Joseph Perry is director of research at Cybrary.

The InformationWeek community brings together IT practitioners and industry experts with IT advice, education, and opinions. We strive to highlight technology executives and subject matter experts and use their knowledge and experiences to help our audience of IT ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
Strategies You Need to Make Digital Transformation Work
Joao-Pierre S. Ruth, Senior Writer,  11/25/2019
Commentary
Enterprise Guide to Data Privacy
Cathleen Gagne, Managing Editor, InformationWeek,  11/22/2019
News
Watch Out: 7 Digital Disruptions for IT Leaders
Jessica Davis, Senior Editor, Enterprise Apps,  11/18/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
Slideshows
Flash Poll