[READ TIME : 2 mins]
Every company at some point is likely to be hacked, have an employee make a PR mistake (Sainsburys 5op challenge poster, or have the CEO say something they bitterly regret (Microsoft’s Satya Nadell women’s raise). Some hacking incident’s are worse than others. Sony’s hack was dubbed “the hack of the century” by Fortune magazine who ran a headline piece on it.
In the case of Ashley Madison, the damage of their recent hack goes far beyond the reputation of their business. They have the secret lives of 37m members who are cheating on their spouse. How many of them are fearing that blackmailer’s phone call?
The BBC ran an article on the security breach and helpfully (or hopefully) gave a contact form at the bottom of the article with the request “Please include a contact number if you are willing to speak to a BBC journalist.” Not many takers for that, then!!!
Do you have a “security breach earthquake drill”?
In California we practice earthquake drills regularly. A planned response to a known threat. But the chance of an earthquake is now lower than the chance of a security breach that gets turned into a PR nightmare. So why don’t companies have a set of processes that have been planned and documented in advance which define how to respond to an issue?
The recent shake in Napa was a wake up call for many in northern California. Perhaps this should be a wake up call for Ashley Madison – or all of us – to prepare our security breach earthquake drill.