BreachExchange mailing list archives
How to Turn Your Data Security Plan Into a PR Asset
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 19 Aug 2014 19:39:36 -0600
http://www.business2community.com/business-intelligence/turn-data-security-plan-pr-asset-0978062#!bGtPkt Chances are, you already know why it’s important to protect your data against any potential attacks. At best, data breaches cost you a lot of money and time; at worst, they have the power to bring down an entire company in one fell swoop. But a strong security plan is more than just a way to protect your company from disaster. By being transparent with customers and developing a strong recovery plan, you can turn your security strategy into a strong selling point. Transparency Is Good for Business With data breaches gracing the nightly news a little too often, customers welcome the opportunity to work with a vendor who has great data security implementation. Here are three major benefits to being transparent about your security strategy: 1. Your customers will feel safe. In an era when security breaches affect everyone from major chains like Target to charities like Goodwill, consumers are increasingly wary of sharing their sensitive information. If your customers know you take security seriously, they’re more likely to pick you over a competitor. 2. It can save money. Your proof of security practices can actually help customers pay less on their liability insurance. Since you pose a decreased risk to your clients, they can access better rates. 3. You’ll be ready for regulation. If you work in a heavily regulated area such as healthcare, there’s a good chance you already have to adhere to certain security requirements. If potential partners know you already have the proper safeguards in place, then you’re more likely to win and retain their business. Use a Data Breach to Your Advantage Even with the tightest security, a data breach is still possible. It’s important to get ahead of these potential disasters and improve your reputation in the process. Here are four tips for proactively addressing security breaches: 1. Come up with a plan, and publicize it. It’s always better to be prepared than to have to reactively respond to a breach. Set up a 24-hour response plan to deal with the fallout. At this stage, customer retention is imperative, and this plan can turn a potential PR disaster into a shining example of how to handle a worst-case scenario. 2. Consider what insurance will cover. Data liability insurance complements a strong security plan. With these two things in place, a breach doesn’t have to be a fatal event for your business. This is also crucial because it directly correlates with what you can do for your customers after a breach. If you can get your policy to pay for certain data breach remediation steps, for example, you should promise those services or actions to your customers. Then, you can back up your word with proof of insurance to cover the remediation. 3. Don’t over-promise. Make sure you consult your lawyer on exactly what you can promise to your customers in the event of a breach. You don’t want to make things worse by offering promises that would create a liability. It’s better to under-promise and over-deliver than to lose your clients’ trust. 4. Know your legal responsibilities. Make sure you know exactly what you need to disclose in the event of a data compromise. Not only is swift disclosure a great way to let your customers know that you’re on top of the situation, but it may also be mandatory. Security is a necessity nowadays, but it can also be used to highlight your company’s competitive edge. Tout where you go above and beyond the competition, and issue press releases with every security audit you pass. A strong, well-publicized security strategy tells your customers that you have their best interests at heart every step of the way.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- How to Turn Your Data Security Plan Into a PR Asset Audrey McNeil (Aug 20)