Each one of us has a right to privacy. Lately, however, that right has been breached. Our social security or credit card information has been stolen, our emails hacked, and many of our other accounts have been compromised. Threats from abroad to hack into government, universities andheavily shopped retailers, or even shut down the grid, have put us on the brink of cyber-warfare.
Businesses, large and small, need to prepare. With attacks on JP Morgan Chase, Yahoo, Target, the Democratic National Committee, US Department of Justice, Qatar and Michigan State University, it is not a matter of if, it is a matter of when and how often.
While there may be a hodgepodge of laws that deal with cyber-security, cyber attacks or data breaches, there is no one agency in the US government that has oversight, and each state has their own laws prescribing how a company discloses a breach.
As we increase our exposure, companies need to assess their risk. A public relations professional can help the CEO, CIO, HR Team and General Counsel prepare for areas of where they are vulnerable and help them respond quickly in wake of an attack. If attacked, a PR team also can help rebuild any reputational loss as a result of the breach.
This is the new reality. We download hundreds of mobile apps with our fingerprint or link the accounts automatically to our Facebook, LinkedIn or Gmail account. And SPAM or rogue emails from ͞"trusted sources" are as common as ROBO calls close to election day.
Data is being collected all around us. By clicking on disclosures to download apps we are agreeing to give away information from our smart homes, wearable technologies and soon autonomous vehicles.
Recently we learned that the Roomba is secretly mapping our homes. With each piece of data collected we are becoming more and more vulnerable.
There are steps we can take to protect our information and the information people give to us in trust. If that trust is breached there are also steps you can take to minimize any damage to your reputation.
- Know the law and a process in place for communicating a breach in data.
- Have a team in place that is prepared and ready to address issues related to privacy, breaches and other reputational risks. This includes: Legal, IT, HR, Marketing and outside firms that includes legal counsel, PR counsel, insurance companies.
- Gather the facts. First determine what happened.
- Then determine your course of action and the messaging for communicating that.
- Focus on complete and full disclosure. Never take a breach lightly. Be vigilant. Don’t hide anything and don’t delay in informing. Today we knowbreaches will occur and our data will be compromised. But let me know it was my information and what you are going to do to protect me.
- Reach out to the media and educate them on what happened, how it happened and the steps you are taking in repairing it. Think of the media as a partner to help you get your message out, not as the enemy.