My name is Ben Allen.
I’m a partner at Dentons and I’m joined
today by Andrew McKenzie, a director of FMC
Change which is a public relations and communications
agency specifically dealing with professional
services organisations and reputational risk.
Andrew, thank you for joining me today.
A question I had for you is in relation to
brand and reputation for organisations, how
serious can this be for, can a cyber-attack
be for an organisation?
There is no question that reputation is utmost
in the minds of management when data breaches
occur.
I think the danger is becoming frozen by that
fear as to what reputational damage might
be.
It’s very important to recognise it and
in that regard, the new regulation, which
is really going to force businesses to think
about this before time, is very positive.
And as with any organisational risk response,
having a cookie-cutter response to this or
a template response is certainly never helpful
particularly in relation to reputation or
risk.
What are you advising clients in relation
to best practice and how they should be preparing
themselves for reporting or dealing with a
cyber-attack?
Well there’s two things.
I think the response element to it its really
about transparency, making sure that those
who are affected have been informed about
what has gone on and also what’s been done
about it.
In terms of preparing for it, I think it’s
very important that you have a process which
you’re going to go through.
That process can get quite detailed.
It can go down to the something the level
of a template but in order to avoid that cookie-cutter
approach which recognises that every data
breach is going to be unique, you really have
to have a process that’s adaptable.
You’re not just going to roll out something
that was prepared six months before on the
assumption that this data breach was going
to be looking a certain way.
Excellent, good advice.
Thank you very much.
