Can you afford to lose one-third of your client base? If your business suffers a data breach or cyber-attack, that’s exactly what could be at stake. After an organization has been breached, many clients will decide to no longer do business with that company based on their reputation. Not surprisingly, it’s also quite difficult to obtain new clients if word on the street is that your data isn’t safe. Data breaches can be expensive – from lawsuits to regulatory fines and business disruption to credit monitoring services – but cutting off the revenue supply can prove deadly for many businesses.
Will the Cat Get Out of the Bag?
Generally speaking, a cyber-attack isn’t something a business can keep under wraps, nor should they even consider it. Organizations whose systems have been breached and whose data has been exposed have a legal obligation in almost every state to notify those affected. In our fast-paced and connected world, it won’t take long for the chatter to start. As news of the attack spreads across social and mainstream media, a company has little chance of hiding from the situation.
Honesty Is the Best Policy
Some cyber incidents are slightly less obvious to the general public, such as ransomware, denial of service attacks, and fraud arising from social engineering. Attacks that do not involve a compromise of personal data don’t carry the same notification requirements. These attacks can still impact a company’s ability to do business and consumers who become aware of the attack long after the fact may feel they’ve been misled about the security of the business. Proactive outreach to clients and the community shows the business is interested in and values their customers. As the old adage goes, honesty is the best policy.
Don’t Get Complacent
Some organizations are tempted to think that a cyber-attack won’t happen to them because they don’t have the kind of sensitive personal information hackers seek. However, business owners must not ignore the fact that for some cyber criminals, money isn’t the only prize. If the goal is disruption and your business suffers or loses customers, then their job is done even if they didn’t get a cent from you.
Can Insurance Really Help Your Reputation?
Can you insure your reputation? There’s no way for a business to get a payment directly attributed to this intangible risk. However, the right insurance policy can respond to threats of reputational harm by providing funds that can be used to prevent or mitigate the reputational damage done. A cyber liability insurance policy can often cover expenses related to hiring a public relations firm and marketing professionals, lawyers, and forensics teams.
As focus on cyber incident readiness increases, business owners will increasingly turn to their cyber incident response plans for guidance. No response plan is complete if it doesn’t make provisions to protect your reputation. Once your reputation is damaged, it’s incredibly difficult to restore it. Having a team at the ready and an arsenal of resources will go a long way to keeping your reputation intact.
All insurance policies are different. Be sure to review your insurance policy for specific information about coverages available to you. Nothing in this post is meant to suggest a guarantee of coverage.