By Charles Leaver

Cyberattacks should never be a secret

A company is attacked by a hacker. Administrators discover the breach, seek to learn more about it, and dispatch IT staff to attempt to suppress it and recover any lost data. This is the story of countless breached enterprises out there, but unfortunately, the narrative all too often ends here without the businesses proactively taking the next critical step: informing customers about the attack. In many instances, getting a company to reach out to impacted patrons takes a lot more prodding and time than it should.

According to The Portland Press Herald, there is a concerning tendency among breached enterprises to simply avoid telling those impacted by the attack – namely, the customers – that it happened. The reason for this hesitance can be chalked up to entirely selfish reasons: The business worries that its reputation will be tarnished if news of a breach circulates, and therefore tries to keep the response to a cyberattack as internal as possible. This was the case with Neiman Marcus and Target, both of which waited before alerting customers to the presence of a widespread attack.

Keeping breach news from customers is counterproductive
This withholding of information is not only completely irresponsible, but it also works against them. For an enterprise to come out long after an attack and admit to its occurrence makes them look shady, unprepared and ultimately unfit to be trusted with customer data. Yet breached businesses continue to keep customers out of the loop, as evidenced by JPMorgan Chase’s reported delay of potentially up to four months in letting patrons know that the bank had suffered a major incursion. Ed Mierzwinski, consumer program director at U.S. Public Interest Research Group, said that informing customers about a breach certainly comes with its fair share of work.

“It’s a real pain in the neck to clear your name. … You have to spend time – a lot of time – clearing your name. And you don’t get paid for that,” he said.

Yet however cumbersome, this kind of recovery work must be done in the wake of a malicious encroachment, and customers cannot be kept out of the loop at any point in the process. Of course, there is a way for companies to avoid a situation where alerting customers becomes a necessity in the first place. By enacting stringent endpoint threat detection and response measures, businesses can safeguard their infrastructure and therefore assure that their system – and, by extension, the trust of their patrons – does not get breached.

Get the Blog Here