Data breaches are on the rise and can prove incredibly costly to a business. A study by IBM and the Ponemon Institute, which focuses on data privacy, found that a data breach costs a U.S. company an average of $8.2 million (and costs companies worldwide about half that amount). The biggest factor is lost customer trust.
While businesses are moving their IT operations to the cloud at a faster pace than ever, the cloud is still subject to security concerns. Working in crisis communications, I’ve seen numerous high-profile corporations through breaches and attacks by hackers and internal bad actors. Looking to contain reputational damage, they may try to limit what people find out, quickly place blame on the cloud service provider, or both.
A data breach is the one type of crisis that carries the highest possible expectation of transparency from stakeholders, so such mistakes end up costing companies dearly. Concealing information from those potentially affected can be lethal to a company. (Adam Levin, a digital security expert and author of the book Swiped, has said doing so “can result in a near extinction-level event” for an organization.) While transparency has long been the best way to handle breaches, the need for it is more vital than ever in the cloud era.
Get Updates on Innovative Strategy
The latest insights on strategy and execution in the workplace, delivered to your inbox once a month.
Please enter a valid email address
Thank you for signing up
These days, companies see data as their leading driver of future growth. Data has even been called the world’s most valuable resource. Stakeholders are aware of this. They know that there’s a huge black market for stolen private information, and they expect businesses to let them know what information may be out there.
Powerful examples of what not to do abound. A prominent one is Yahoo, which had the largest data breach in history — and faced criticism not just for the breach, but also for its handling of the situation. As Fast Company put it, “Yahoo took three years to tell the public about it.” Not only did the company’s bungling of that case decrease its sale price, but the breach still pops up in news stories, extending the lasting damage to the company’s image.