Managing your company's reputation

Posted on 18 February, 2019 by Advance 

Sarah Hewitt, Director in the Major Risks Practice of Gallagher and Ciaran Simms, an Underwriter for the Travelers Insurance Company’s Technology practice, examine how to protect your company's reputation.

The importance of reputation


In an age when a negative post can go viral and a video can reach millions of people in a few hours, reputation management is moving to the forefront of corporate concerns. Brand reputation is valuable to companies because customers see this as representing positive attributes that build trust – and trust leads to sales.

Unfortunately, the opposite is also true. When a brand becomes associated with negative messages, the damage in the marketplace can be extensive. A poor reputation can even impact the ability of a company to attract and retain a talented workforce as no one wants to work for a company with a bad reputation. The erosion of a brand can come from any number of directions, including substandard products, poor customer service and lack of social responsibility.

Increasingly, data breaches can also create negative attention for a company, often leaving customers believing that their information has been mishandled because of corporate indifference. If your company collects and stores data, a data breach is always a distinct possibility.

Consider the following statistics

(1):
•    In the 2015 Government and PwC Information Security Breaches Survey, it was found that 90% of large UK organisations had suffered a security breach.
•    The survey found that 74% of small organisations had suffered a breach.
•    Despite the large number of data breaches reported, experts agree that many breaches are never reported.

Companies hitting the headlines because they have been victims of data breaches are almost too numerous to mention.

Examples include:
A well know telecommunications company (TalkTalk) hack, during which more than 150,000 customers’ details – including their bank account numbers and sort codes – were stolen. The company told the BBC that the hack was likely to cost them up to £35 million(2)
.

Not all data breaches are due to malicious hacks. Marks and Spencer apologised to customers after its website experienced a technical error that allowed customers to see each other’s personal details(3)
.

Yahoo admitted it had been hacked three years ago and three billion of its records had been breached with all users being affected(4)
.

What can companies do to protect their reputation?


Many experts agree that the most effective protection for your reputation is to consistently follow best practices when conducting your business. However, bad things can happen to good companies – especially when it comes to data integrity in an era of hacking, viruses, spyware and malware. Therefore, it is important to be prepared.
1.    Assess your risks - Understand the risks to your reputation, whether from data breaches, product failures, customer complaints or social media attacks. Identify your assets that can be called into action to defend or repair your reputation.
2.    Form a response plan - Create a plan for handling a negative event, including creating an Incident Response Team. If a data breach occurs, what steps will the company take first? Who will notify authorities, handle the media and liaise with customers? What resources are available to handle the extra workload and provide the expertise to address the situation? The plan should lay out timelines and responsibilities so that certain key decisions do not have to be made in the heat of the moment.
3.    Build relationships - To avoid a steep learning curve in the midst of a crisis, develop relationships in advance with companies who can provide reputation management assistance.
4.    Transfer your risk - As for any other type of risk, a company should look for ways to transfer the risk of suffering a data breach. Many types of insurance today include coverage for cyber incidents. Look for a policy that pays for reputation management and PR services.

In conclusion, the erosion of a brand can come from any number of directions, including substandard products, poor customer service or a lack of social responsibility, to name but a few. The consequences for businesses, such as a lack of trust and loss of customers, that a poor reputation can bring, need to be kept in mind. To help manage and mitigate these risks, it is critical to formulate a plan and be prepared.


Sources
(1) The survey referenced was the Information Security Breaches Survey 2015, conducted by PricewaterhouseCoopers (PwC).
https://www.pwc.co.uk/assets/pdf/2015-isbs-executive-summary-digital.pdf

(2)
http://www.bbc.co.uk/news/uk-34784980

(3)
https://www.theguardian.com/business/2015/oct/28/marks-spencer-shuts-down-website-due-to-technical-glitch

(4)
https://www.theguardian.com/technology/2016/dec/14/yahoo-hack-security-of-one-billion-accounts-breached