Many believe it’s not a question of if your company will be attacked, but rather when your company is attacked. Organizations must be prepared for cyber attacks at all times, but they also must have a plan of action on how to let their customers know when information has been stolen or hacked.
Security has a significant impact on customer’s spending habits and brand trust:
- 45% of shoppers don’t trust retailers to keep their information safe
- 12% of loyal shoppers will stop shopping a retailer after a breach
- 36% of loyal shoppers will shop less frequently at a retailer after a breach
- 79% of shoppers will use cash instead of credit cards at a retailer after a breach, with shoppers statistically spending less when using cash
While these statistics specifically focus on the retail industry, the impact caused by breaches on customers is the same across the board with customers spending and trusting less. The good news is customers, who are often unconcerned about security breaches until they happen, are open to company transparency and timely responses in the event of a breach.
Repairing your reputation
It happened—your company was breached and vital customer information was released. Your customers are not happy. There are several key points to minimizing the effects of a security breach, and customers are more likely to give your company a second chance if you’re willing to communicate and be transparent. Here are a few key steps to take to repair your company reputation and rebuild brand loyalty after an attack:
1. Act fast
The law prevents companies from keeping data breaches a secret and requires them to notify government agencies and affected parties. When retail giant Target suffered their huge data breach a few years ago, they were criticized for not acting quickly and communicating well with the customers who were affected. After you have taken the precautions to secure your system after a breach, communicating information with customers, employees and government agencies should be next on your list of priorities. On a business to business level, some say companies have a 7 day window to deliver information on how and why a breach has occurred.
2. Be open and honest
Being honest when communicating a security breach with the affected parties will reassure customers that you are doing everything possible to fix the situation and rebuild a trust with them. Hiding truth from customers and employees will only hurt a company’s credibility and damage reputation.
3. Provide support
Companies should go out of their way to offer exceptional support and service to customers who were affected by the security breach. Your customers will likely not understand all the details of how the breach happened or the effects, so be open and able to answer questions regarding details. As a response to their breach, Target offered a free year of credit monitoring and identity theft to reassure their customers that they cared about them and rebuild trust.
4. Offer a sincere apology
A genuine apology goes a long way. Customers do not want to hear excuses and third parties blamed for a security breach. Companies who take ownership of their errors and sincerely offer solutions will see the best response from affected parties. The key is to be open and sincere, accepting responsibility, admitting the problem was on the company’s end and offering customer support.
While most companies are vulnerable to cyber attacks, it is their response after a security breach that will be scrutinized. Companies that take sincere responsibility for errors will see customers who are more likely to rebuild relationships. Cyber attacks and threats are difficult for customers to understand, which means companies should plan before an attack even happens and have answers ready for questions after.