Enhancing data security will draw more of Washington’s focus. Are you engaged in the process, yet?

May 13, 2014

Enhancing data security will draw more of Washington’s focus. Are you engaged in the process, yet?

Data security issues are top of mind these days for corporate leaders – and for good reason. The numbers are sobering. Target’s ubiquitous incident aside, in 2013, the Verizon RISK team reported more than 1,300 data breaches. The average cost to a company of a data breach is up worldwide in 2014 too, according to the latest annual Ponemon Institute study. In the U.S., a data breach costs organizations on average $5.85 million. The U.S. likewise had the highest cost per record stolen, at $201, up from $188 last year. The country also led in terms of size of breaches recorded: U.S. companies averaged 29,087 records compromised in 2014.

I am pleased that our team at CLS Strategies is working on this issue every day.  Our crisis experts help companies plan ahead, our media team works with writers on the beat, and our digital strategists monitor for early signals and recommend steps on how our clients can best engage and direct their resources.     

As just one example, CLS Strategies is helping the National Consumers League develop and launch its new Data Insecurity Project, which will examine the experience of consumers caused by data breach.  For some, it comes in the form of a breached email account, while for others it leads to identity theft, credit card fraud, and stolen property. NCL is examining the efficacy of current programs aimed at helping consumers, such as data breach notification and credit monitoring. 

Lawmakers and federal regulators are awake to our data security problems, and through telling the consumer side of the story, we will help NCL raise awareness of various reform proposals.  For example, since the Federal Trade Commission (FTC) has sightlines into all cases of breach and their investigations, the Commission might consider issuing guidance and best practices information to companies to help them combat hackers.  If companies are better informed by the government with the information they need to more effectively mitigate a breach, everyone benefits.

As my colleagues and others have opined, Target has become the poster child example of how to mishandle communications while in crisis. There is no doubt Target made mistakes. While the company may have had technology safeguards put in place, it’s mishandling of communications points to the lacking of a communications contingency plan. This is an area where I have offered clients advice - what to do when it’s time to break the glass and make clear this is no longer a fire drill. More and more companies are realizing that in addition to data loss prevention, malicious code detection and vulnerability scan tools, how to communicate internally and externally when a data breach occurs belongs on the same list.  

There are many lessons to be learned from data breach.  Among them, business leaders need to make sure that a communications plan is established, that it is tested regularly, and that is it nimble and prepared to endure and remain strong in an environment where the situation and stakes will change rapidly. Effective communications can help to keep your reputation and credibility intact.  Companies that store consumer data, whether for purchasing music or household goods, banking or keeping family medical records, are entrusted by their customers to keep this data and personal information safe. Period. While trust is difficult though not impossible to rebuild, it’s better from the start to demonstrate a genuine effort to play it straight.

 

Slide Up

Contact

Written by clsdcadmin On the

Have a question? Interested in working with us?

We would love to hear from you. Fill out the form and let us know how we can help.

We usually reply within a few business days. Call us at 202-289-5900 if the matter is urgent.

1615 L St. NW 10th Floor Washington, DC 20036 ×

Directions to CLS

Get Directions 1615 L Street NW 10th Floor Washington, DC 20036 ×