Virtual Graffiti Australia Pty Ltd - Your Source for Technology, Security & Networking Solutions

Call Today! (02) 9388 1741


Call Today: (02) 9388 1741
  1. Home
  2. Industry News
  3. Article

VG Tuesday Tips: If you’ve had a security breach…10 steps you need to take

Follow us for your more blog posts today! Companies think about improving their security technology after an attack or worse, a security breach. Small and medium businesses are not immune—two-thirds of SMBs have faced cyber-attack. Better to put up a stronger defense now with solutions like Unlimited|Network Security. However, if you do find yourself compromised, you can work towards repairing your reputation. This January TechGenix article offers a checklist of 10 actions to take restore reputation and customer trust after a data breach. We’re sharing its content through GFI TechTalk.

Step 0: Avoid the breach by protecting yourself!

Every organization—small to large—can afford a solid cyber-security barrier to protect your hard work and customers. As mentioned above, a one-price comprehensive solution like Unlimited|Network Security can protect you from malicious attacks. Prevention is far easier and less costly than the tasks below.

1: Be transparent

The data breach has happened. Even if you believe owning up will bring some harm to your image and bottom line, do not cover up a data breach to protect your organization. Once the truth comes out, the reputation loss is far worse than any reprieve the deception provides. Owning up to the incident will demonstrate that you are willing to pull out all the stops to be truthful. This will strengthen customer trust and cement their loyalty.

2: Timely, responsible notification

Move with speed as far as communication is concerned. Customers want to know quickly what’s going on and how it affects them. Be accurate. To get it right, run a thorough investigation with urgency and share the information with customers.

3: Customize communication

Map out the impacted customer base and identify any specific needs or risks of different customer segments. From that, develop different messages for the different segments. It may mean having to wait a few more hours, but customized messages will deliver higher impact and be less prone to ambiguity or interpretation. For example, if your customer base spans multiple regions and countries, you may have to send out messages in the language used in each region instead of a single message.

4: Manage expectations

Angry customers may push you into commitments that cannot be met. Telling affected customers that services will be restored immediately, whereas the technical team asked for 24 hours, will prove a headache for you and could elicit calls for compensation. Be honest about resolution times, even when it’s not what your customers want to hear at that moment. Once the incident has dissipated, they will know that your word can be counted on.

5: Focus on customer interest

Following a data breach, there’s considerable work in containing the fallout, sealing gaps, preventing a future breach, and restoring reputation. Many organizations turn to third parties with proven expertise tackling similar incidents. They may have to evaluate multiple consultants before choosing one. Ensuring you get value for money from a security consultant is important, don’t leave the impression that saving money takes priority over customer data protection. This delay can harm customer interest and tarnish the organization’s reputation.

6: Show empathy

No one wants their most confidential information to land in the hands of criminals or unauthorized persons. A data breach can, therefore, be a traumatic event for some. Show empathy in your communication. Keep your message professional but not indifferent or arrogant. Demonstrate your willingness to assist and detail the actions you have taken to mitigate the risks that come with the breach.

7: Provide useful, relevant guidance and assistance

One of the biggest dangers of a data breach is identity theft. Be prepared with the guidance and assistance your customers may require to manage this risk. If the data breach involved the loss of user names, passwords, and credit card numbers, you can offer credit monitoring and noncredit monitoring. Credit monitoring is fairly straightforward. Noncredit monitoring would involve searching the visible and Dark Web for persons, organizations, or platforms offering this information for sale.

8: Offer a consistent customer service experience

When a data breach occurs, you can expect an avalanche of calls, emails, and office visits from anxious customers. This surge in inquiry volume can be overwhelming. These are the moments when your reputation can soar or sink. Customers will remember how they were talked to when they called to find out if their information is safe.

9: Counter competitor response

Your rivals may realize this is a vulnerable moment for you. Their promotional activities could indirectly reference your data breach as a cause for customer concern. You have to keep an eye on them and develop counter-actions. You may also proactively develop your own charm offensive whether competitors launch an attack or not. Offer special promotions, free services, discounts, and other incentives that will make your customers want to stay.

10: Do better going forward

It is futile to go through all these actions to protect your business reputation and win customer trust if you continue experiencing similar data breaches in the future. Even the most patient and loyal customers have limits as to how much they are willing to overlook a mistake, especially one that involves the security of their confidential information. An apology is only meaningful if it comes with the appropriate changes in process, procedure, and behavior. Now is the time to reinforce your cyber-security defenses.

Restoring reputation and customer trust is a long-term project

Today’s customer has higher expectations of businesses than ever before. Despite these lofty demands, customers are rational and realistic. They understand that if cyberattacks have plagued some of the world’s largest and best-resourced organizations, no one is immune. What they want to see after the breach is action that shows a commitment to quickly contain the impact, mitigate risks, and prevent a recurrence. This inspires confidence and trust—crucial ingredients in rebuilding your organization’s reputation. Restoring reputation and customer trust after a data breach is a long-term, multifaceted endeavor. Acting quickly and professionally puts you in position to get back to your original reputation.