Your Post-Breach CX Matters
- By David Lukić, IDstrong.com
- December 01, 2020
Maropost, a marketing automation platform, is the latest in a long line of companies that have experienced a data breach. It potentially exposed unique email ids of more than 19 million customers, their addresses, and email logs, totaling 95 million records. This information can be used by criminals to blackmail customers by threatening to provide their marketing lists to competitors, conduct targeted phishing attacks to steal customers’ identities, or brute force passwords associated with email addresses.
Data breaches are not uncommon. Forbes estimated that 4.1 billion records were exposed during the first half of 2019. However, data breaches can erode customer trust. How companies respond to such data leaks can also impact customers’ perception of the company.
Impact of Data Breaches on Customer Relationships
Experiencing a data breach can often cause customers to lose trust in a brand. Sixty-five percent of respondents said that they lost trust in a company after a data breach, and 27% stopped doing business with the company due to the data breach and/pr the company’s response to it, according to research from Centrify and the Ponemon Institute.
Additionally, the 2019 Cost of Data Breach Report found that 36% of the average cost of data breaches was due to business disruption, including lost customers.
How a company responds to a data breach can sometimes affect customers more than whether a data breach occurred in the first place. Companies can lose customer trust by denying the breach or minimizing its impact. They may also be too slow to act; on average, it takes 196 days to identify a security breach and 69 days to contain the breach in 2018.
Responding to a Data Breach
A company must know how to appropriately respond to a data breach if one occurs. Many companies make the mistake of only focusing on the technical details of the breach and patching the security risk without considering the human element or how their customers may feel.
Companies should respond immediately once they become aware of a data breach. Those who do and transparently are much more likely to retain their customers than companies that do not.
A clear talk strategy to address the breach should be created. It should focus on what the company is prepared to do to right the wrong and how future breaches will be prevented in the future.
One of the keys to effectively responding to a data breach is being accessible to customers. Being available to address customer concerns is critical to regaining your customers’ trust. In the Maropost breach described above, the company and its leadership were notoriously inaccessible on multiple channels after its data breach.
The message you convey to customers should also be carefully tailored to address your customers’ concerns, not merely providing legal points. Focus on what your customer wants to hear instead of on what you want to say. Customers appreciate and respond positively to transparency. By being prompt, empathetic, and accessible, you will be better positioned to preserve your customer relationships.
Latest Trends on Preventing Data Breaches
To prevent the loss of customer data or trust, you can build a strategic plan that protects the data and monitors possible security threats to avoid a security breach from ever occurring. Some useful methods to prevent data breaches include:
- Patch and update software automatically
- Use encryption to protect sensitive data
- Upgrade devices promptly
- Enforce strong credential procedures and multi-factor authentication
- Provide employee security awareness training
- Monitor for possible security threats
Businesses should also develop a cyber breach response plan before a breach ever occurs. It creates a blueprint on how to respond to the breach when the company is not in crisis.
Taking these steps can help mitigate risk and provide a clear plan in case of a breach.
Conclusion
Even though data breaches are not uncommon, it is essential to have a plan in place on how to respond to a breach and communicate with your customers if a breach occurs. The steps you take after a breach can be just as necessary as the steps you take to prevent a breach in the first place and leave a lasting memory with your customers, good or bad.
David Lukić, information privacy, security, and compliance consultant at IDstrong.com, authored this article. The passion for making cybersecurity accessible and interesting has led Lukić to share all his knowledge.
The views and opinions expressed in this article are those of the author and do not necessarily reflect those of CDOTrends. Image credit: iStockphoto/Stefan_Redel