Are communications professionals prepared for a data breach?
During last week’s keynote speech at the DataComms conference, our CEO Emma Thwaites polled the 200 or so communications professionals in attendance, on how prepared they were to respond to a major crisis situation involving data e.g a data breach.
Only 12% of the audience felt they were very prepared, with almost a third saying they were unprepared.
Why this is a problem
Recent analysis has shown fines imposed by EU authorities under GDPR have increased by 40% in the past year, which tells us:
1. Businesses are being held publicly and financially accountable with increasing frequency
2. Corporate communications teams have another reputational risk to worry about
Like any crisis communications plan, having a good understanding of the risks, mitigating these risks, and being able to respond quickly is key. But as our mini poll suggests, if almost a third of senior communications professionals feel unprepared to deal with these issues, many businesses could be at risk of reputational harm.
All businesses aren’t created equal
For organisations with deep pockets, monopolistic positions and loyal users (i.e ‘big tech’), the financial and reputational damage of a GDPR fine is likely to have less of an impact, for now, compared with other sectors.
Where we see a bigger problem in the short term is in sectors with high levels of competition, where consumers can more easily switch to rival brands without compromising on quality, price, choice or time already invested. Businesses that heavily rely on data and AI, e.g supermarkets, insurance providers or banks, face the highest risk, but it could equally include many smaller businesses too.
Customers, users and investors are becoming much wiser when it comes to Corporate Digital Responsibility (CDR) – that is, how seriously an organisation takes its responsibility to use and develop data and AI in ways that are safe, trustworthy, ethical and wise. As awareness of CDR grows, so does the likelihood that people will vote with their feet and their wallets when businesses get it wrong.
Here’s a thought: Just as Skyscanner now highlights CO2 emissions of certain routes to help travellers make more eco-friendly choices, what if we also had a CDR score when it comes to renewing our car insurance, or choosing who to bank with?
What can communications professionals do?
Corporate communications teams work as the enhancer and protector of the company’s reputation. Understanding data and AI, and the potential reputational risks when things go wrong is now very much part of the role. As a starting point for any comms professional thinking about these issues, we’d suggest:
- Have a good understanding of how your organisation holds and uses data and artificial intelligence
- Make sure your organisation – from the top to the bottom – understands their responsibility around data and AI, and the potential reputational risks
- Review your crisis management plan, and make sure your response to any data and AI issues is up-to-date and robust
- Consider your communication strategy around your organisations’ commitment to taking its corporate digital responsibility seriously
If you want to speak with us about any of the points in this blog, please get in touch here.