Cyber threats are a fact of life for today’s organizations. Is your organization really prepared to respond to the ever-increasing, always-changing lineup of potential cyber incidents and security breaches?
Let’s review the Online Trust Alliance (OTA)’s recently released 2017 Cyber Incident & Breach Readiness Guide. The guide highlights the pivotal role communication plays in protecting organizations from cyber incident-related fallout.
More than 82,000 incidents—comprising unauthorized access to a system or device and its data; extraction, deletion or damage to any type of data; disruption of availability or integrity of any business operation; and activities leading to financial or reputational harm—impacting more than 225 organizations daily were documented in 2016, according to OTA data. Not only that, but analysis indicating that because many cyber incidents went unreported, the total number may actually have exceeded 250,000. Perhaps most alarming of all, however, is the fact that cyber security experts predict even more cyber crime in the year ahead.
Developed for use in both the public and private sectors, the OTA guide aims to help organizations of all sizes “better understand the issues and solutions which can enhance their data protection practices and enable them to develop readiness plans in the event they incur a data loss incident.”
Specifically, OTA identifies two steps to the planning process:
In our era of all things instant and in which cybersecurity issues have infiltrated the everyday, the importance of immediacy cannot be overstated. Factor in that today’s consumers “are becoming jaded and risk being overwhelmed by the sheer volume of data breach notices,” and the imperative is undeniable: Only “clear, discoverable and comprehensible” notification processes and plans which are “easily understood by the target audience” can ensure that your message rises over the din.
Speaking of your message, what should it contain, according to OTA? Whether communicating with internal teams, key partners and customers, regulators, law enforcement, impacted parties, or the press and media, your message should prioritize ownership, clarity and accuracy of information. Also useful when attempting to establish, grow or repair trust with your constituents? Additional communication measures, such as bilingual options and easy access to assistance.
While OTA determined that 90 percent of all cyber incidents were preventable in 2016, it also reinforced that fact that “that there is no perfect security and any organization is at risk.” The takeaway? Not only must all organizations make cyber security a priority, but they must also acknowledge best practices for notification and communication in the event that a data breach, DDoS or other cyber incident occurs.