Retaining an appropriate crisis management
How an organization publicly responds to a breach incident can make all the difference when it comes to regulatory and legal liability and the organization's reputation. The costs of a breach often extend beyond legal damages and regulatory/industry fines. Organizations can lose customers and experience sharp declines in share price. And no company wants their corporate name to become synonymous with "data breach."
The right crisis management company will understand the profound effect that a data breach can have on any enterprise. Bruemmer advises that a crisis management firm "should have a strong understanding of data breach processes and experience in crisis communications with both traditional and social media channels. While any PR partner could have the best intentions, if they don't understand all the steps of the data breach response process, they might suggest a strategy that leads to public statements that can land the client organization in hot water."
"It is important that a crisis communications team is intimately involved in all aspects of data breach planning and preparation," said David Chamberlin, executive vice president and head of the data privacy and security group at Edelman. "This is an issue that affects the trust stakeholders have in a company. Integrating communications helps the company lessen the reputational and bottom-line damage a company will experience during and following a data security incident."
Since identifying appropriate breach experts is a relatively new task for many companies, consider starting with a key expert such as outside legal counsel or a cyber insurer to obtain referrals for breach response team members. Also, explore the growing number of data breach and cybersecurity trade shows and conferences to network with and vet breach coaches, forensic firms and crisis management specialists. Lastly, when the full breach response team is assembled, remember to practice the response plan with all team members to ensure that everyone understands their roles and can work together as an effective team.
Sign up for Computerworld eNewsletters.