Every year since the internet has existed, the total number of hacking attacks has increased. There’s never been a year where we’ve seen a decrease. Every year, in addition to seeing more attacks, we’ve also seen them grow in sophistication and complexity.
Most business owners only think of security in the abstract, and they only consider breaches after they’ve suffered one. Most of the time, people are inclined to count the costs of a breach and use that as a measure of how expensive or severe the breach actually was.
That’s certainly one metric – there are tangible costs associated with upgrading security systems and repairing damages in the days and weeks immediately following a successful attack against corporate security.
That is not, however, where the damage stops.
There are two primary impacts above and beyond the dollar cost. The first impact is to your customers. If customer data are compromised as a result of the breach, then while you and your company are not at risk, your customers certainly are. The impacts to your customers will be highly dependent on what kinds of data you collect and keep, and what the hackers were able to make off with. If the hackers have gained the social security numbers of your customers, then they’re at risk of identity theft. If it’s credit card numbers, then they’re at risk of financial losses. Neither of these are good options, but both are your responsibility. If you don’t take immediate steps to mitigate the damage to your customers, you’ll soon find yourself in an even worse position that will impact your bottom line for months, and possibly years to come.
Even if you do take those steps, you’re still looking at a loss of trust by your customers, and rightly so. They have a right to begin to question and doubt you. After all, they did business with you in good faith, and in return for that trust, their data wound up in the hands of criminals. Unless you take immediate action to remedy it, that’s the impression that’s going to stick. That’s what your customers are going to remember.
The unfortunate side effect is that if that’s what your customers remember, then they’ll walk away. You’ve got to give them a reason to continue to do business with you at that point. The way you do that is by shoring up your company’s defenses, mitigating the potential losses to your customers, and reassuring them loudly and in public that the problems have been resolved. These kinds of problems won’t go away on their own. Dealing with them can be tricky and requires a cool head and a deft hand. It also requires a fair amount of transparency and honesty. If you fail to act, then your surrender the initiative and allow public perception to color and shade the perceptions of your customers.
Customer perception can be molded and influenced, and you should definitely take steps to do that, but remember that this isn’t just a PR issue. If you don’t make real, tangible changes in the immediate aftermath of a breach, then all the flowery words on the planet won’t be enough.