BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

How to Turn Your Data Security Plan Into a PR Asset

From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 19 Aug 2014 19:39:36 -0600
http://www.business2community.com/business-intelligence/turn-data-security-plan-pr-asset-0978062#!bGtPkt

Chances are, you already know why it’s important to protect your data
against any potential attacks. At best, data breaches cost you a lot of
money and time; at worst, they have the power to bring down an entire
company in one fell swoop.

But a strong security plan is more than just a way to protect your company
from disaster. By being transparent with customers and developing a strong
recovery plan, you can turn your security strategy into a strong selling
point.

Transparency Is Good for Business

With data breaches gracing the nightly news a little too often, customers
welcome the opportunity to work with a vendor who has great data security
implementation. Here are three major benefits to being transparent about
your security strategy:

1. Your customers will feel safe. In an era when security breaches affect
everyone from major chains like Target to charities like Goodwill,
consumers are increasingly wary of sharing their sensitive information. If
your customers know you take security seriously, they’re more likely to
pick you over a competitor.

2. It can save money. Your proof of security practices can actually help
customers pay less on their liability insurance. Since you pose a decreased
risk to your clients, they can access better rates.

3. You’ll be ready for regulation. If you work in a heavily regulated area
such as healthcare, there’s a good chance you already have to adhere to
certain security requirements. If potential partners know you already have
the proper safeguards in place, then you’re more likely to win and retain
their business.

Use a Data Breach to Your Advantage

Even with the tightest security, a data breach is still possible. It’s
important to get ahead of these potential disasters and improve your
reputation in the process. Here are four tips for proactively addressing
security breaches:

1. Come up with a plan, and publicize it. It’s always better to be prepared
than to have to reactively respond to a breach. Set up a 24-hour response
plan to deal with the fallout. At this stage, customer retention is
imperative, and this plan can turn a potential PR disaster into a shining
example of how to handle a worst-case scenario.

2. Consider what insurance will cover. Data liability insurance complements
a strong security plan. With these two things in place, a breach doesn’t
have to be a fatal event for your business. This is also crucial because it
directly correlates with what you can do for your customers after a breach.
If you can get your policy to pay for certain data breach remediation
steps, for example, you should promise those services or actions to your
customers. Then, you can back up your word with proof of insurance to cover
the remediation.

3. Don’t over-promise. Make sure you consult your lawyer on exactly what
you can promise to your customers in the event of a breach. You don’t want
to make things worse by offering promises that would create a liability.
It’s better to under-promise and over-deliver than to lose your clients’
trust.

4. Know your legal responsibilities. Make sure you know exactly what you
need to disclose in the event of a data compromise. Not only is swift
disclosure a great way to let your customers know that you’re on top of the
situation, but it may also be mandatory.

Security is a necessity nowadays, but it can also be used to highlight your
company’s competitive edge. Tout where you go above and beyond the
competition, and issue press releases with every security audit you pass. A
strong, well-publicized security strategy tells your customers that you
have their best interests at heart every step of the way.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!
Previous By Date Next
Previous By Thread Next

Current thread: