Your brand sets you apart from competitors. It’s what potential clients and customers think of when they hear your company name or see your logo. Done right, branding makes you as recognizable as Nike’s swoosh or Target’s red bull’s-eye. But in this digital age, brand, word-of-mouth, spreads like wildfire, particularly bad news. Security professionals and the federal government say, “It’s not a question of if, just question of when” your company will face a cyber-attack. What damage can be done, and what can you do about it?
Cyberattacks often maliciously compromise business function without the attainment of any of your digital information. Such common cyberattacks adversely affect business function and are therefore costly, but they are nothing compared to the expense of your digital information. Batches of employee social security numbers, stored customer email addresses and credit card numbers, healthcare records, etc, all have a price on the black market. Often, selling such information is the only end goal of the cyber criminals. It may be months or even years before the compromised data is used for such things as making fraudulent charges or filing fraudulent tax returns. Still the damage is done, and the branding damage begins.
A couple of years ago Target stores had an expensive lesson in cybersecurity. Between late-November and mid December 2013 (peak holiday shopping time), Target experienced a data breach and as many as 40 million customer credit card numbers were stolen. When word leaked, both banks and consumers filed class action law suits and Target paid out an estimated $252 million in damages. That year the company’s annual profit fell 34%. Even when customers returned, many said they would only pay with cash if they shop at Target, part of the damage to the brand.
If a company the size of Target, with the resources for teams of security professionals and advisors, can take such a hit, what about small or mid-sized companies? Some fold after a cyberattack. Ever heard of Code Space? Norvanix? MyBizHomepage, once valued at $100 million? All companies that likely failed as a result of security breaches.
With some preparation, your company, no matter the size, can prevent failing after a cyberattack. By monitoring for threat before it occurs, having a fast action plan worked out in the event of compromised data, and including in your action plan how you will cope with a breach while managing your brand, your company can survive.