Tuesday, 2 February 2016
Information Commissioner states Reputation a Bigger Concern than Penalties
Information Commissioner Christopher Graham has said that a company's reputation is a bigger concern than financial penalties that may be assessed as a result of a data breach. He made his comments at the recent Advertising Association LEAD 2016 conference in London.
Graham's comments are in direct response to a YouGov poll sponsored by the Information Commissioner's Office to gauge consumer concerns over data breaches. According to that poll, almost 80% of consumers would think twice about providing personal information to a company that made the news after failing to prevent a security breach. That is a significant number by any measure.
“The knock-on effect of a data breach can be devastating for a company,” Graham said. “Getting hit with a fine is one thing, but when customers start taking their business – and their money – elsewhere, that can be a real body blow.”
He went on to say that consumers are genuinely concerned about cyber security and their personal information. Graham also reminded attendees that it is not only a legal obligation for companies to protect private information but doing so is also essential to maintaining a positive reputation among consumers.
In terms of the YouGov poll responsible for the commissioner’s comments, two additional statistics should be taken seriously by companies collecting personal information:
20% of respondents said they would definitely stop using a company after a data breach
Only 8% said that knowledge of a security breach would make no difference in their choice to continue a business relationship.
Data Protection Is Good Business
The YouGov poll is very clear in underscoring the fact that data protection is important for a company's reputation. But it is more than that. It is also good business. Whether a company is in the business of selling widgets or offering financial advice, secure data management tells customers that those in charge of the company are genuinely concerned about them rather than just the bottom line. Providing customers with that confidence goes a long way toward boosting reputation.
The reality is that our current environment of global networking exposes more people to risk than ever before. Managing risk is an unavoidable part of doing business in the modern era. More importantly, it is not just the responsibility of those companies that deal directly with the buying public. It is also the responsibility of tertiary companies including data centres, collocation providers, managed services providers, and so on.
Everyone involved in the data communications process has a role in protecting customer information. No data breach, regardless of the scope, can be pinpointed to a single entity or person. It takes multiple players within the security chain to create conditions that make large-scale illegal access to data possible. Therefore, everyone involved in the chain has a role to play in preventing security breaches.
Commissioner Graham says that reputation is more important than financial penalties resulting from security breaches. We are inclined to believe him.
Source: ICO – https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2016/01/your-reputation-is-at-risk-if-you-don-t-keep-data-safe-ico-warns/