It wouldn’t be inaccurate to call 2019 the year of the data breach. The past 12 months have given us some of the worst cyber-incidents in history. The most recent and severe involved People Data Labs, which exposed the personal information of over four billion people. To anyone who’s been paying attention, it comes as no surprise that trust is in short supply.
In a recent survey by Pew Research Center, 80 percent of U.S. adults expressed great concern over not being able to control how companies use their data. Consulting firm PWC, meanwhile, found that 69 percent of consumers believe companies are vulnerable to cyberattacks. In that same survey, only 25 percent of respondents expressed the belief that most companies handle their sensitive data responsibly.
People no longer feel that businesses have their best interests at heart from a data privacy perspective. They do not believe their information is being used responsibly by the businesses that collect it. They do not trust enterprises to be responsible and conscientious with their data.
I don’t blame them.
To be blunt, the current state of cybersecurity is abysmal. From the ever-growing fleet of poorly-managed, insecure Internet of Things (IoT) devices to the blatant disregard even major enterprises seem to hold for basic security hygiene, we seem to be living in an era where cyber-incidents are the rule rather than the exception. To call it disheartening would be an understatement.
The one silver lining in all this mess is that if your business is one of those that takes security seriously, that’s a major selling point for your audience.
“Companies across every vertical will need to prioritize data privacy and security, clearly demonstrate these priorities to consumers, and safeguard their relationship with customers by being fully honest about the dangers of data in the digital age,” explains Immuta Chief Legal Officer Andrew Burt in a piece on Harvard Business Review. “The future of technology – indeed, the future of business – is all about trust.”
In short, your audience wants to be assured that in using your products and services, they aren’t putting sensitive data at risk. They want to know that you aren’t going to put them at risk of identity theft or fraud. Finally, they want to know that if they do suffer a data breach through your software or servers, you’ll react in a timely fashion to minimize the damage done to their personal and professional life.
Achieving this requires a multifaceted, organization-wide approach to data security. It demands an understanding that protecting your data is not solely the domain of your security team, but a process in which every single department has a stake. More importantly, it requires careful organization and knowledge of your business’s assets and systems.
The first step in instituting such an approach involves becoming more proactive about data security. Make cybersecurity awareness training a cornerstone of your business’s day-to-day. Explain to the C-Suite, in their own language, why cybersecurity should be a core decision driver.
Keep your own ear to the ground where your organization’s risk profile and threat landscape are concerned. Pay attention to new and emerging threats. Regularly revisit, review, and test your security policies and processes so you can readily adapt to major changes.
And perhaps most importantly, have an ironclad crisis response process in place that enables you to immediately identify and notify impacted individuals in the event that a breach does occur. There are some situations where a cyber-incident is unavoidable. In these instances, how quickly your business reacts and what it does to help affected victims is vital.
No matter what, you’ll have some disgruntled customers. Your reputation will still take a hit. But all the same, the faster you’re able to react, the smaller that hit will be, and the likelier your audience is to forgive you.
The trust people have in businesses and brands is gradually eroding amidst a sea of cybersecurity disasters. People no longer believe their data is safe with most organizations. The first step in regaining that trust is showing that you’re an exception to the rule.
It’s demonstrating that you take the protection of customer data seriously, and you’re willing to do everything necessary to maintain a strong security posture.
Learn more about Liberty Center One.