Friday, October 25, 2013

How to Conduct Crisis Management When Your Company is the Victim of a Cyber Attack

It can happen to the best of companies: a cyber attack. Cybercrime is booming, and criminals keep refining their attacks, constantly developing more sophisticated methods to get their hands on customers' financial details.

Banks, shopping sites, and online booking sites are popular cybercrime targets, but any website that sits on a large database of customer login data and payment credentials is a target.

As an organization, once you know that you have been breached, how do you react? That’s when crisis management kicks in. Informing your customers that their details might have been exposed is painful, but necessary.

I recently got the following email. It’s the perfect example of how to conduct crisis management in case of a breach. (I removed the company’s details for obvious reasons).

Dear Valued Customer,

The privacy and security of our customers’ data are of the utmost importance to us, and we are writing to inform you of a recent incident affecting one of our databases.

We recently learned that this database, which primarily houses access credentials and business contact information for some of our customers, was compromised. We are conducting an extensive investigation and have notified appropriate law enforcement authorities. Based on our preliminary review, we believe that customer payment data were not compromised.
As a precautionary measure, we have implemented a mandatory reset of your password to protect your account. The next time you log in, you will be asked to input a new password. Acceptable passwords may not have been previously used, and must contain at least eight characters as well as at least three of the following:
  • Lowercase characters
  • Uppercase characters
  • Numbers
  • Punctuation
  • Special characters (e.g., !#$@)

As a general practice, we recommend that you use strong passwords and regularly update them for all your websites that require login credentials.

We continue to refine our security approach in light of the ever-changing nature of security threats, and to implement security enhancements and additional protocols to help further protect user portals and customer and proprietary information.

There is nothing we value more than the trust and protection of our customers, and we will continue to work diligently to prevent these types of events from occurring in the future.

We sincerely regret any disruption that this incident may have caused you, and we will keep you apprised of any additional important information. Should you have questions, please do not hesitate to contact us.

As you can see, this letter is the perfect example of how to react to such a security breach:

  1. State the facts (which database was compromised and what it holds)
  2. Explain the scope and impact of the incident (credentials and business contact data exposed; payment data believed not to be affected)
  3. Inform about the steps you are taking (investigation, law enforcement notified, mandatory password reset)
  4. Apologize
  5. Be available for questions and reactions
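The concrete technical measure in the letter is the mandatory reset with its password rules: at least eight characters, at least three of the five listed character classes, and no password that was used before. The following Python is an added example showing how a site can enforce exactly those rules server-side; it is not code from the original post or from the company that sent the letter. The split between "punctuation" and "special characters" (which the letter lists separately without defining), the PBKDF2-based storage of password hashes, the account model and the sample account are all assumptions made for this example.

```python
import hashlib
import hmac
import os
import string

MIN_LENGTH = 8
MIN_CLASSES = 3
PBKDF2_ROUNDS = 100_000  # assumption: the letter does not say how passwords are stored

# The letter lists "punctuation" and "special characters (e.g., !#$@)" as separate
# classes without defining them; this split is an assumption so the two do not overlap.
PUNCTUATION = set(".,;:?'\"()-")
SPECIAL = set(string.punctuation) - PUNCTUATION

CLASSES = {
    "lowercase": set(string.ascii_lowercase),
    "uppercase": set(string.ascii_uppercase),
    "numbers": set(string.digits),
    "punctuation": PUNCTUATION,
    "special": SPECIAL,
}


def character_classes(password):
    """Names of the letter's character classes that occur in the password."""
    chars = set(password)
    return sorted(name for name, members in CLASSES.items() if chars & members)


def hash_password(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256, so a leaked credential table yields no plaintext."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return salt, digest


def matches(password, salt, digest):
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, digest)  # constant-time comparison


def policy_violations(password, history):
    """Return the rules from the letter that the candidate password breaks (empty = accepted)."""
    violations = []
    if len(password) < MIN_LENGTH:
        violations.append(f"shorter than {MIN_LENGTH} characters")
    if len(character_classes(password)) < MIN_CLASSES:
        violations.append(f"fewer than {MIN_CLASSES} character classes")
    # "may not have been previously used": the reuse check needs hashes of old
    # passwords kept, which is why the history is never pruned to the current one.
    if any(matches(password, salt, digest) for salt, digest in history):
        violations.append("previously used")
    return violations


class Account:
    def __init__(self, username, password):
        self.username = username
        self.must_reset = False
        self.history = [hash_password(password)]  # newest entry is the current password

    def current(self):
        return self.history[-1]

    def force_reset(self):
        """Breach response: the old password still authenticates, but only into a reset."""
        self.must_reset = True

    def login(self, password):
        if not matches(password, *self.current()):
            return "denied"
        return "reset_required" if self.must_reset else "ok"

    def reset_password(self, old_password, new_password):
        if not matches(old_password, *self.current()):
            return ["current password incorrect"]
        violations = policy_violations(new_password, self.history)
        if violations:
            return violations
        self.history.append(hash_password(new_password))
        self.must_reset = False
        return []


if __name__ == "__main__":
    acct = Account("customer@example.com", "Winter2013!")  # constructed sample account
    acct.force_reset()
    print(acct.login("Winter2013!"))                           # reset_required
    print(acct.reset_password("Winter2013!", "Winter2013!"))  # ['previously used']
    print(acct.reset_password("Winter2013!", "sh0rt"))        # length and class violations
    print(acct.reset_password("Winter2013!", "Tr0ub4dor&3"))  # []
    print(acct.login("Tr0ub4dor&3"))                           # ok
```

Two points worth noting for anyone implementing this: the "not previously used" rule only works if the hashes of old passwords are retained, and the reset flag has to be enforced on the server (the old password gets the customer as far as the reset form and no further), otherwise the "mandatory" reset in the letter is only a suggestion.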
