For businesses and consumers alike, it’s been an interesting start to the year where information security is concerned. The term “data breach,” for the time being at least, has become synonymous with some of the biggest brand names in the world. Bugs, viruses, malware—years ago, these were terms for techies and sensational warnings in email forwards, at least as far as the average consumer was concerned.
Now it seems we can’t go a week without data security being a front page story on CNN. In fact, last week it was eBay’s turn. Then there’s last month’s news of the Heartbleed Bug, a vulnerability affecting up to 66 percent of the Internet that has grabbed headlines and sent users scrambling to change their passwords.
It seems like more than ever, we’re given reasons to worry about the privacy and confidentiality of our data as we do business and browse the web. But is this because there are more threats than ever before, or because businesses are changing the way they respond to them? The answer is both.
“There are more organizations this year with pre-breach response plans in place,” says Michael Bruemmer, vice president of Experian Data Breach Resolution, although not everyone is reacting as quickly as they could. As revealed in the 2014 Cost of Data Breach Study: Global Analysis, sponsored by IBM, the average cost of a breach to a company was $3.5 million in U.S. dollars. That’s up 15 percent from the previous year. As recent headlines have shown, dealing with data breaches is a part of doing business, but so is preparing for them.
Developing a core team of individuals with the leadership capabilities to provide support across the organization when an incident strikes, as well as formulating strategies to identify, contain and eradicate issues that cause data leaks, will always be at the core of effective incident response. But with customers increasingly expecting transparency from their service providers, make sure to stay on top of any regulatory or contractual requirements that may be placed on your organization. Breach reporting regulations are always changing, and it’s important to be aware of new developments for your sake and those of your clients.
One of the keys to maintaining, and if need be, restoring, customer confidence is adequate communication. Oftentimes a mailed letter is a better channel than sending an email, which affected customers may not trust. If you’re concerned about being able to effectively communicate to your customers in the event of a security incident, contact us to discuss how IWCO Direct can help you to respond to a data breach.
Subscribe to SpeakingDIRECT to have new articles delivered to your inbox as they post. We promise to keep it fresh and interesting.