[Editor’s note: This guest post comes to us from David Share, director at London-area IT support and service firm Amazing Support. In it, David takes a look at the impact IT security issues can have on that all important asset – reputation.]
When a business broaches the subject of IT security they will undoubtedly boil the matter down to money and data. Both are extremely important for a business. If money was lost in the cyberattack, then the company’s figures take a direct hit. If data was lost or compromised in the attack (the more common scenario) then operations crawl to a grind and resources must be used to try to regain the lost data resulting in more money lost. Now don’t get it wrong, money is important. It fuels the operations of the entire business. Data is the foundation upon which many businesses attract and retain clients. However, there is another business factor at stake that, in this day and age of social networking, can hit harder than either of the first two. Reputation.
A company’s reputation is paramount. It is a reflection of how much a client trusts them. The more trust given to a company, the higher their perceived reputation. Money can be lost, but it can always be made back again. Data can be lost, recovered or duplicated. Money and data run on figures and metrics, they are in a way very binary in their interactions with people. Money or data is either there or it isn’t. But reputation is different. It doesn’t operate on metrics but rather on emotions. A company’s reputation is basically how a client “feels” about that company. Can I trust that company? Are they crooks? Do they have my best interest in mind? Am I just a figure to them? These questions and a host of others run through the minds of clients when they assess a company.
So when companies are hit with a cyberattack it is not only their systems that are breached. The very fabric of trust and reputation that emotionally connects the client with the business is being torn to shreds. Clients don’t often see the financial impact of what data loss can mean to a company. However, in their eyes, data loss means that the company has failed them. It has failed to keep out the “bad guys”. It casts over a shadow of doubt and uncertainty, that begs them to ask the question, “Should my business stay with this company when it can’t even protect my information?” It may sound like a simple and innocent enough question, but this single question has the potential to destroy relationships and bankrupt businesses.
The harsh fact is that the majority of businesses will experience some sort of cyberattack. Yes, the criminals are just that good (and getting better by the day), and yes, the majority of businesses are just that unprepared. Companies must now think of their reputation as something just as essential as a server, and have policies set in place on how to deal with attacks to it.
A good first step would be to pre-empt your client’s fears. Let the client know that in today’s security environment the chances are high that the companies system might come under attack and that a breach may happen, no matter how hard you try or how much resources you put in place. Naturally, they will be taken aback by this. But before they take their business elsewhere, let them know that you have a plan in place to deal with any issues that may spring up. You should of course have already created a crisis management place to tackle with various forms of cyber threats. Show them the steps that you and your company are willing to take to ensure that, in the event of a cyberattack, the right and appropriate steps are known and will be taken to remedy the situation.
On the backend you will need full media training for any spokespeople. Do not let your individual salespeople, customer service staff or account managers speak on behalf of your company. Any and all inquiries should be addressed by a professional spokesperson who not only has the facts, but has the ability to convey the message in a way that will not damage the trust that bridges your brand and your client.
Finally, create a “Red Team”, a team dedicated to attacking your system and uncovering any vulnerabilities in the actual security and in the handling of the situation. These in-house war games are not only a good exercise, but are more and more becoming essential to the well-being of many a Fortune 500 company. Renowned social media expert and serial entrepreneur, Gary Vaynerchuk once noted that a company should always strive to find the way to put itself out business, before someone else comes along and does it for them. This sentiment cannot be more true when it comes to finding the weaknesses in your security and the processes surrounding it.
In today’s hyper-connected world, it has never been more important for you and your business to be on solid footing; on a technical sense, on a fiscal sense and on a social perspective sense. While data and money can be considered currencies, so too is trust as there is inherent value in it. Data can be copied or it can be retrieved. Money can be re-made or it can be retrieved. Reputation, however, is very difficult to rebuild and nearly impossible to be retrieved. Test it or lose it at your peril.
David Share
Director at Amazing Support
David has held positions as Operations Director and Head of IT in legal and professional firms for more than 10 years. He is a Director and co-owner of Amazing Support, a Microsoft Silver accredited and specialist Managed IT Support and IT Services company. David actively helps SME businesses receive better Managed IT Support and IT Services in the London and Hertfordshire areas. He also assists overseas companies who are looking to expand their business operations into the UK and helps with their inward investment IT process. A professional member of The Chartered Institute for IT (BCS) and an event speaker promoting business start-ups and technology awareness. Married with a son, you will often see him riding his bicycle around the Hertfordshire towns! David regularly participates in charity bike rides for the British Heart Foundation.