In a past life, I worked for a small, boutique PR agency that specialized in the hospitality industry. Routinely, my job focused on promoting special rates, new pools and spas, and executive chefs who were convinced they were destined to be the next Emeril.
Occasionally, however, amid the mundane, someone would jump off a balcony, dive into the shallow end of a pool or – worst of all – hide a dead body in the trunk of a car abandoned in the hotel parking lot. As PR pros, we lived in fear of those events, wishing we’d had the foresight to notice that abandoned car and drive it off the lot before the body was discovered.
Today, data breaches are the business-busting digital equivalent of a dead body in your parking lot. And if you think that worrying about such things occurring in your company is up to your IT team and not your job, think again.
As content marketers and PR professionals, we must deal with the fallout from a data breach. We all need to be aware of the risks, what we can do to mitigate them and what actions we need to take if our companies do experience a breach.
A data breach occurs when proprietary information – such as credit card account numbers, email addresses, names and birth dates, etc. – is lost or stolen from a company’s information systems. Some breaches are the result of malicious attack, such as the theft of information from Target’s customers, while others are the result of human error, like when an employee forgets his work laptop in an airport coffee shop.
All this relates to marketers and PR pros in two main ways.
First, every marketer collects and maintains lists of target consumers. Those lists can be as valuable to cyber crooks as they are to you. It’s imperative your company have safeguards in place – such as encryption, firewalls and employee protocols – to protect proprietary data, including information held and used by your marketing team.
Second, when disaster strikes, your team may be called upon to participate in the recovery process and manage public perception in the wake of the breach. A PR crisis plan should be an integral part of your company’s overall data breach response plan.
A data breach can be a PR practitioner’s worst nightmare. In addition to the very real financial losses – including loss of business – that a breach engenders, the loss of customer trust and tarnishing of your brand can be devastating. In 2012, data breaches cost companies an average of $188 per compromised record, and more than $3 million overall, according to a Ponemon Institute report. And in a study by Ponemon and Experian Data Breach Resolution, 81 percent of respondents said a breach would negatively affect their brand image, with 39 percent of those saying it would devalue their brand 11 to 20 percent.
Cyber security experts roundly agree that, for most companies, it’s just a question of when a breach will occur, and how prepared they will be to deal with it when it does. If your organization doesn’t yet have a plan for coping with the PR fallout of a data breach, now’s the time to start thinking about it. Think of a data breach response plan as the modern-day equivalent of driving the car off the parking lot before the body gets discovered!