A few months back we had a big event that happened in the Eastern part of the United States. It was an awful and terrible event. There was mass devastation and huge loss of life and property. It was the biggest event of its kind in a long time. People were panicking; there was chaos in the streets. Sound familiar? Of course not because that is not what really happened.
What really happened is a totally different story. In fact, if I did not put the name of the hurricane up on the title of this article Hurricane Matthew you would not even had remembered what it was called. Why is that? Because it was not this terrible event that we were led to believe by public officials and the media beforehand before there were facts available.
Starving for a real story and seeing a potential crisis, they go out of control. They fill us with scare stories and tales of danger. Compare it with other scary events and try to get us to panic. In reality, Matthew was a relative lightweight compared to major hurricanes and it did small damage compared to what it was expected to do. But as Jefferson said “a falsehood will fly around the country as the truth is putting on its boots.” Hurricane stories are no different.
Why Hurricanes And Data Security?
You have to be asking why by now. But I wanted to put it all into perspective so you understand the importance of these phenomena. You see if you are a major company or any large organization for that matter, and you suffer a major data security breach. The loss of records and cost to repair will be the least of your problems. But the potential media storm from a major breach will be appalling. Just like with hurricane Matthew.
It will carry you away in a sea of misquotes, falsehoods, suppositions, and outright fabrication. And you will struggle to just get the simplest details of your company and the event into the light of an honest perspective.
This type of experience can be daunting, to say the least, and completely overwhelming at the extreme. Believe me, you never want to go through this. Because at the end of the day most businesses are at one point or another in the marketing business and this type of event is really bad for your marketing.
How It Should Be Handled
Think of how much you spend on marketing every year. I venture to guess regardless of the nature of your business it is significant. Now think of a single event wiping that expenditure out for a year or maybe more. And you begin to see the PR battle you have in front of you.
People are still talking about the “Target Breach” or the “Home Depot Breach” or if you want to go to gargantuan scale how about the hacking of the Hillary Clinton’s server. While this last one was a serious event, it did not affect national security. It did not cost millions of people loss of money or privacy, but with the right amount of media hysteria, it looked like the media Hurricane Matthew of 2016.
Never underestimate the power of the media to blow something out of proportion. I am a big believer in the 1st amendment and I believe in the free press. But for you the executive you need to understand this reality and be prepared for it. So you should, first of all, have a security posture that takes into account the possibility of a breach, and how you will react to it. You should have policies in place to help with information damage control. And to get you out in front of the story before it sweeps you and your company away.
You should have tactics to prepare you for that event before it occurs. So you can be ready with the facts, releasing the pertinent information based in reality. This way the media does not have to fill in the blanks. And finally, you should have built a secure organization long before this possibility comes about therefore preventing this occurrence from happening in the first place. These are functions that cannot be done in your IT department. They can only be done at the higher levels of a company, and possibly with the assistance of experts in this field.