Counselor Commentary: Protect Your Digital House

It's Long Past Due To Have Response Plan In Place

Andy CohenSome sobering studies have been released recently. One from Experian Data Breach Resolution and the Ponemon Institute reported that 43% of all companies have suffered a data breach within the past year. That’s a tremendous amount of companies that have left their own data – as well as that of their customers – at risk of being stolen.

Even further, the list of major corporations that have had their information systems hacked into is a who’s who of the retail world in the past year: Target, Supervalu, Neiman Marcus, Home Depot, ACME Supermarkets, Albertsons, Michael’s. The list is sure to grow as the holiday shopping season – a popular time for cyber criminals to do their thing – gets into full gear.

The good news is that many companies are recognizing the threat and are beginning to implement data breach protection plans. The Experian study found that nearly three-quarters of businesses currently have data breach response plans and teams in place, a 12% increase from last year. The bad news? A full 68% of respondents still said they felt unprepared to respond to a data breach, and 78% admitted they don’t regularly update their data breach response plans to deal with changing threats.

“While more organizations have data breach preparedness on their radar and have developed a response plan, a majority of companies are not putting the support and resources behind having it truly be effective,” said Michael Bruemmer, vice president of Experian Data Breach Resolution. “A checklist response plan alone doesn’t mean you’re prepared. There should be an incident response team in place that practices the plan and ongoing investment from the C-suite to ensure technologies are up-to-date, external breach experts are secured, and selection of an identity protection product for affected customers is determined prior to an incident to ensure a quick and smooth response.”

Do you have everything on that list in place right now? You should. Protecting your company’s information today is as important as generating new business. After all, if your clients’ data is compromised, they could be looking for new vendors pretty quickly. The initial key to overcoming a data breach could be a rapid response and communication plan, say experts.

“What customers want is open communication about what is going on,” said software provider and digital consulting firm Customer Expressions, in a recent report. “Let them know right away if there has been a data breach, so they can begin to cover themselves and keep tabs on their accounts. This gives them some power to help protect themselves. Waiting months or withholding the information about the breach will have negative consequences. Also, let your customers know what you are doing to help ensure their information is safe in the future.”

It’s difficult, though, to clearly communicate to customers when you don’t have a response plan implemented in advance. Don’t have one? It’s long past time to get it done.