Skip to content

Don’t Let a Data Breach Kill Your Corporate Reputation

by on November 1, 2011

Following a data breach, companies undoubtedly tally the financial impact in terms of the time and money it takes to respond to and recover from the breach—but do most organizations also quantify the impact on their corporate reputation or brand value? If yours doesn’t, it should. A recent survey conducted by the Ponemon Institute and sponsored by Experian Data Breach Resolution tells us the reputational cost is far from chump change. According to the survey, the average loss in brand value as a result of a data breach ranges from $184 million to more than $330 million. This amount equated to somewhere between a 12 percent and a 25 percent loss of brand value. The survey also indicated that it takes an average of a full year to restore a company’s reputation following a breach.


Corporate reputation and brand value can seem like fuzzy, abstract concepts that are difficult to measure, but this survey reminds us that they have a decidedly concrete financial impact. The fact that public companies quantify their reputations as “goodwill” on their balance sheets also reminds us that the way our stakeholders view our organizations really is an asset to be valued and protected.

A positive reputation drives cold, hard business results, from making customers more likely to buy your products, to reducing your cost of capital and raising your share price. Goodwill builds over years and even decades, as customers, prospects, shareholders, regulators, the media, the community and other stakeholders learn to respect and trust your organization. And it can be destroyed in an instant by a data breach. One of the fastest ways to damage your reputation is to lose backup tapes or have to notify tens of thousands of customers that their sensitive data has been compromised due to inadequate security measures.

Keeping your reputation intact is a twofold effort:

  1. Protect your data with an information security program that doesn’t cut corners and takes into account all possible types of threats. When it comes to data tape security, for example, we advise clients to follow basic tape management best practices, like encryption, backup testing and validation, and secure transfer procedures, as well as tape management solutions to track, move and protect media across all sources and platforms.
  2. Plan for how you’ll handle a data breach, if and when it happens. Despite the most diligent efforts, data breaches still do happen. But don’t let poor handling of a breach harm your reputation more than the breach itself. Make sure your organization has a comprehensive data breach response plan for being, as Visa advises its merchants, accurate, fast, open, honest, transparent, accountable, and thorough in responding to and communicating about a breach.

Have you experienced the reputational buzzkill of a data breach? How did your organization recover its lost goodwill—or did it?

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: