We all know that the latest PR disaster trend for major businesses involves digital security failures. Target is only the biggest name to suffer a huge hit to its reputation and its bottom line thanks to an embarrassingly well-executed breach of the wall between millions of customers’ personal data and those who would use it for their own purposes.
But what can businesses do to address this problem as the stories get bigger? According to a new report released by The Economist, a growing number of them now see such breaches as inevitable events rather than catastrophes to be avoided at all costs.
In fact, some plan to use newly robust response strategies to improve their own reputations.
Some stats from this survey of major C-suite execs around the world make the situation a bit clearer.
- Two thirds of execs think that effective responses to such incidents can improve their corporate reputations
- 60% of orgs polled now have formal response strategies in place
- Yet, while 73% of orgs feel “somewhat prepared“, only 17% of business leaders surveyed feel “fully prepared” to address breaches
They’re right to be concerned, because security incidents are now an accepted part of running any digitally enabled business. We know the big names, but 57% of orgs who suffer breaches do not voluntarily report them. They also come in quite a few shapes and sizes. Despite all the headlines, hackers aren’t responsible for most breaches. The most common causes are:
- Major systems outages (29% of companies experienced them)
- Unintentional loss of sensitive data by an employee (27%)
The biggest current challenge is a lack of understanding about the specifics of these security incidents. And here’s the key quote from the report:
“For now, arrangements with a public relations agency or crisis management firm are less common, underlining the defensive focus of current planning.”
Therein lies the opening for agencies and communications professionals around the world—especially those with tech specializations. Experts from Edelman and other agencies gave readers advice on how to address such security emergencies. Their most important points:
- Identify the challenge and stick to the existing plan when addressing it
- Err on the side of caution in messaging, because releasing inaccurate information to the public is ultimately more damaging than waiting until you have the story straight
The question, then: are your clients properly prepared for a cybersecurity breach? And do you have a specific crisis plan in place?