Industry Voices

Cybercrime compromises more than data


Ruth Kinzey, MA, is a reputation strategist with more than 35 years of communications experience. Ruth is a professional speaker, consultant, author, trainer, and adjunct faculty member of Rutgers University. She is founder and president of The Kinzey Company, an organization dedicated to helping clients proactively and strategically enhance and protect their reputations.

Target, Hannaford, Schnucks and URM stores. Unfortunately, these retailers are victims of an all too common occurrence in the business world: cybercrime.

Dealing with a data security breach is challenging. But, what quickly can become an even bigger and more frustrating challenge is the resulting reputational loss, manifesting itself through customer misunderstandings, media reports, government agency cybercrime probes, law enforcement investigations, elected officials posturing on data security legislation, public outcry, and investor financial concerns over potential monetary losses and lawsuits.

The list goes on and so does the negative reputational impact. In fact, a retailer can become the “poster child” for this crime, frequently referenced in future cybercrime stories, even though not involved.

Although industry groups, such as FMI and RILA, as well as government officials and agencies are trying to make cybercrime laws more rigorous, the ability to catch and prosecute cyber criminals easier, and the consequences more stringent, all of this takes time. And even though much is being done to tackle this issue, the fact remains that your system can still be compromised — even if you are dedicating significant monetary resources and personnel to cybercrime prevention. So, what can you do to limit the reputational fallout?

1. Be sure your crisis plan includes protocols for flagging data breaches and corresponding detailed action plans. Limiting the scope of the breach can reduce “reputational clean-up,” as the public is more forgiving of a proactive retailer.

2. As with any crisis, denial is harmful. Thinking “this couldn’t really happen” wastes time. Once aware, follow your crisis plan.

3. Multiple contact lists are essential. Do you have appropriate law enforcement agencies and pertinent contact information? Do you have pre-existing arrangements and contact data for vendors that can support you during such a crisis? What about contact lists for customers, employees or anyone whose private data could be compromised? Are your media lists up to date, so you can distribute information broadly and quickly? Are there government officials, investors or others you need to notify? Are protocols established for how and when to initiate these communications? Remember: It’s better for you to tell what happens than for these audiences to hear it elsewhere.

4. Although you shouldn’t compromise an investigation or provide current or future criminals with a “how to break into our system” map, are you appropriately transparent? The media will uncover a cover-up. And, cybercrime victims want to know retailers are doing everything possible to rectify the situation. Being forthcoming and honest can create goodwill and generate trust for a supermarket, even contributing to reputational recovery.

5. Demonstrate you understand the gravity of the situation through your communication and actions. When it’s over, reassure people. Explain you had a laser focus to pinpoint the root cause of the recent breach, the professional and ethical steps you took to manage this situation, and your commitment to data security.

Enterprising cyber criminals are happy to help you gain notoriety through a data security breach. And while they may view such exposure as a badge of honor, the event lessens your chances for retaining or gaining customers and other stakeholders critical to long-term, financial success and even your company’s survival. You’ve already lost data. Don’t lose your good reputation, too.

Suggested Categories More from Supermarketnews


Discuss this Blog Entry 1

Tim Shipman (not verified)
on Jul 7, 2014

Great advice Ruth. There are many companies that are still not putting the things in place to be prepared for such an incident much less prevent such an incident but that is one of the reasons that people like you and I are around but it would be much better for us to choose to deal with it on the frontend rather then on the backside.

Post new comment
or register to use your Supermarket News ID

Lance Eliot

Dr. Lance B. Eliot, MBA, serves as Vice President of Information Technology at Interactions, a global leader in retail solutions and experiential marketing. Dr. Eliot has over 20 years of industry...

Jeff Campbell

Jeff Campbell is a vice president at Applied Predictive Technologies (APT), a cloud-based predictive analytics software company. Jeff leads engagements with leading retailers and helps them implement...
What's Industry Voices?

Here you'll find a wide variety of industry stakeholders weighing in on the important issues that define today's retail food business.

Blog Archive
Penton Media Food Group and Related Sites

Sponsored Introduction Continue on to (or wait seconds) ×