Become A Fan On Facebook
Join Our Network On LinkedIn
Follow Us On Twitter
Watch Our Videos On YouTube  Perception Is Reality - Data Breaches Lead To Major Reputational DamageStudy highlights that loss of theft of sensitive customer data can have a serious impact on the value of a company’s reputation. Reports of data breaches affecting some of today's largest companies continue to grab prominent news headlines globally. The damage experienced by a company after a data breach has lasting negative effects on brand equity and reputation according to a recent survey conducted by the Ponemon Institute of nearly 850 executives, which found that the average time it takes to restore an organization's reputation is one year. The survey of 843 executives found that an organization's brand value dropped between 17 to 31 percent following an incursion, depending on the type of information lost. Those polled estimated the economic value of their company's brand to be anywhere from $1 million to greater than $10 billion, with an average of $1.5 billion. Eighty-two percent of respondents said their company had experienced a breach involving sensitive or confidential information. Depending on the type of information lost in the theft, companies, on average, lost between $184 million to more than $330 million in the value of their brand, according to the survey. Fifty-three percent of respondents said the exposures had a “moderate” impact on their company's reputation and brand image, while 23 percent said it was “significant,” according to the study. Respondents estimated that a data breach, which was widely reported by the media involving the loss of more than 100,000 confidential employee records, would likely result in a 12 percent decrease in brand value, on average. Meanwhile, the loss or theft of a small number of sensitive files containing trade secrets, new product designs or source code would likely lower brand worth by about 18 percent. All organizations are susceptible to breaches of data, yet many are not prepared or equipped to handle the aftermath. Research findings showed that 43 percent of the companies represented in the survey had not instituted a data breach incident response plan prior to having such a breach. Companies spend a great amount of time putting crisis plans together but are not including data breaches as part of this plan. In addition, most companies surveyed reported that they had experienced more than one data breach in the past few years. "The loss or theft of sensitive customer data, as our study quantifies, can have a serious impact on the economic value of a company's reputation" said Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute ‘we believe this study makes a powerful point about the importance of taking steps to reduce the likelihood of a data breach’.. For a company in the centre of a data breach incident, making amends and correcting the errors of their past to earn back the trust of their customers can be a protracted process. A company’s reputation and brand image is a key corporate asset and when the balance of trust is compromised, it remains to be seen whether this confidence can be fully restored in the short to mid-term range. In today’s fast paced and unforgiving business environment, there is no shortage of other operators waiting to collect disenchanted customers in the wake of a controversial security breach. The correlation between reputation and the bottom line is closely aligned as Sony recently encountered in its recent high profile data breach incident. Anything that can tarnish a brand will ultimately effect a company’s bottom line as damaged reputation can directly result in a reduced customer base, costly litigation and reduced revenue. The company at the centre of a breach needs to consider what lessons they have been learned about how to properly store customer data and prevent similar situations arising in the future. They also need to clearly define how to improve security mechanisms and how quickly it should notify customers in the event of future data exposures. Plenty of companies have had security holes and weaknesses exposed in their systems but have been able to contain the severity of the incident based on the strength of their response and through proving that proactive security processes have been implemented as a priority. In particular, Sony’s incident has demonstrated that prompt response and notification to consumers is absolutely imperative to reduce consumer backlash and reputational damage. In mitigating against reputational damage, frequent data auditing exercises is one essential security exercise which proactively helps to manage and secure data in a controlled and continuous process. Regardless of where data resides on a network, auditing helps provide a visible and regulated mechanism to readily identify, manage and protect valuable assets. Enterprise audits help ensure that critical data assets are properly safeguarded, that the security process is working effectively and that the organisation is adequately equipped with the necessary controls in assessing data risk management and compliance capabilities. Perception is reality in the public eye and how a company is perceived can ultimately lead to its success or failure. Regardless of its length of time in business a data breach incident can rapidly call into question the quality and integrity a company’s brand, products and services. Isn’t it time therefore that organizations take a proactive rather than reactive stance by asking how they can best shield their businesses and protect it from reputational damage arising from preventable data disclosure events? About PixAlert For further information contact This e-mail address is being protected from spambots. You need JavaScript enabled to view it or www.pixalert.com Article Source: Net Security Article/Ponemon Institute Author: Damien O’Donnell, Key Account Manager UK & Ireland, PixAlert |
