Several household name companies have been handed hefty fines by the ICO in recent months. The levels of those fines have been well-publicised, but regulatory action only gives part of the picture.
Household name or not, how a company responds to a security incident can have an immeasurable impact on customer confidence and goodwill. The potential for both immediate and long-lasting reputational damage (aside from the potential for claims to arise) in the wake of a data breach is difficult for a business to predict and ultimately to quantify.
While prevention is so often better than the cure, unanticipated data breaches can occur at any time. To have the best hope of mitigating reputational risk, an effective response plan, ready to roll out in the event the worst happens, is essential. How well prepared a business is to manage the response will shape perception in the immediate aftermath and for years to come.
With the advent of GDPR in Europe and similar legislation emerging elsewhere across the globe, much emphasis has been put on the monetary cost of a data breach in fines and compensation. But there’s also the question of reputational damage, which can prove costly in other ways.