This page contains a Flash digital edition of a book.
Interactive DATA PRIVACY AND PROTECTION


Manage strategic risk or safeguard against breaches?


As businesses look to technology to drive strategic growth, many are underestimating the risks and consequent safeguards that need to be in place to better protect customer data.


John Cannon, Commercial Director, Fraud & ID, Callcredit


John has worked in the information industry for more than 20 years. During that time, he has held a number of senior roles, including heading Infocheck Group’s insurance business and leading Equifax’s ID & fraud team. For the last 10 years, John has focussed on the areas of financial crime, fraud, money laundering and identity.


John has worked at Callcredit for nine years and has been responsible for driving innovation in fraud prevention and identity verification, delivering some of the most innovative fraud & ID solutions driving unrivalled customer value. Under John’s leadership, Callcredit’s Fraud & ID business unit has transformed from relative modest growth to one of the fastest growing areas of the business.


A highly competent speaker, John regularly presents at industry events including chairing Callcredit’s annual Fraud Summit which has become the Group’s largest annual client event attracting fraud, identity and financial crime professionals from across a wide range of industries.


P66 NEWSWIRE / INTERACTIVE / 247.COM


We now operate in a business environment where data breaches are becoming a common occurrence. According to the 2015 Information Security Breaches Survey, 90 per cent of large organisations reported that they had suffered a security breach in 2015, up from 80 per cent in 2014. In addition, our own research found that 40 per cent of executives cite loss of reputation as the number one boardroom risk concern following a data breach. And what’s more, these data breaches are


leading to considerable reputational damage. In fact, a recent YouGov poll found nearly eight out of ten people would think twice about giving their custom to a company that had made headlines for failing to stop a data security breach. Having a fast and effective remediation plan to


safeguard consumer’s data and company reputation in the case of a breach is therefore something every business should be prepared for.


Yet, in our experience, more often than not,


this is not the case. Tere is no public relations crisis plan or an understanding of the legal and/or compliance obligations that are associated with a breach. Knowing how to navigate and react in such instances is what will help businesses reduce damage and maintain consumer relations. Tis article will examine the sort of steps


businesses should take and how they can better safeguard themselves against the potential reputational damage of a data breach.


FIRST STEPS Te first point to make is that the actions taken


by a company should be largely dictated by the sort of breach that occurs. For example, it may be easier to identify the extent of the damage


caused by sharing a confidential document externally than it is identify the damage caused by a cyber-attack. Each situation is unique. Having said that, it is possible to identify some best practice guidelines which businesses should generally adhere to. Te first steps taken by a company during a


data breach will often set the stage for the rest of the process. Making sure you are not only reacting as soon as possible but also in the right way is key. Customers need absolute confidence that the company has done everything to prevent the breach happening again in the future. Customers will understandably worry about their personal details being exposed and through education are becoming increasingly aware of the value of their personal data. Te first priority for a business is to have a


plan in place to identify all the key stakeholders they would need to communicate with and what they would need to say during the first 24 hours – to consumers, customers, regulators, politicians and the media as well as internal teams. Offering information that recognises the


significance of the breach and a plan to remedy the situation is important. Although the extent of a data breach may not be known straightaway – making it difficult to provide a concrete solution – it is vital that consumers are aware that as a business, you understand and acknowledge the potential impact, that protecting their personal


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72  |  Page 73  |  Page 74  |  Page 75  |  Page 76