If the facts are on your side and your reputation is at stake, speak up. #crisismanagement #corporatecommunications #reputation
Viewing entries in
There are steps you can take right now to minimize risk and avoid damaging your reputation from cybersecurity threats., and it won’t cost you anything. What are they?
Each state in the U.S. has their own individual laws as to when a company must report a data breach. In addition, there are federal laws and EU laws that likewise dictate when companies need to disclose.
On September 1, 2018, Colorado will enact the toughest law yet, giving companies 30 days to provide notice of a breach involving personal information belonging to Colorado residents. Most states mandate 45 or 60 days.
According to The Wall Street Journal, "Colorado also expanded the definition of personal information to include biometric data, driver’s license numbers, passwords and other items. In other state laws, personal information is often limited to a first name or initial and last name in combination with an identifier, such as a Social Security number."
Just this week, Air Canada discovered a breach and responded within days of discovering it. You can see their response below to the people who they believe were affected. It timely and clearly explains:
- What happened;
- The steps the company took to limit the breach; and,
- What they need their customers do to further protect themselves.
Your system will be breached. It is not a matter of IF, it will be a matter of WHEN. To prepare your company needs to create the protocols to MONITOR your systems and develop the PLANS to respond. This includes creating the TEAM and creating SIMULATED responses.
In 2017, a data breach compromised the personal information of 147.9 million Equifax customers. The company was not prepared for the breach and failed in their response, leaving peoples personal data exposed.
if the law in your state or for your industry is unclear, company's in the U.S. should use the European Union’s General Data Protection Regulation (GDPR), which went into effect in May, as guidance which requires companies to disclose a breach within 72 hours of discovering it. Companies, both large and small, should now put the plans in place and prepare for the next attack.
AIR CANADA EMAIL RE. DATA BREACH
28 AUGUST 2018
We recently detected unusual log‑in behaviour with Air Canada’s mobile App between Aug. 22‑24, 2018. We immediately took action to block these attempts and implemented additional protocols to protect against further unauthorized attempts. As an additional security precaution, we have locked all Air Canada mobile App accounts to protect our customers’ data.
Am I affected?
As a result of our analysis, we are confident your account was not affected by these unauthorized attempts. As an additional security precaution however, we have locked all Air Canada mobile App accounts to further protect customer data.
To reactivate your Air Canada mobile App account, please see the instructions below or follow the prompts the next time you log into your Air Canada mobile App.
Your privacy and the protection of your data are extremely important to Air Canada. Our security is multi‑layered, and we work with leading industry experts to continuously improve our practices as technology and security procedures evolve.
Reset your password
Please reset your password to resume using Air Canada’s mobile App and mobile products with confidence.
Your new password must be a minimum of 10 characters. Here are some helpful tips in creating your new password:
• Minimum of 10 characters which must contain at least 1 uppercase letter, 1 number, 1 symbol/special character, 1 lowercase letter
• Do not use your old password
• Do not use your name or something easily associated with you
• Do not use your Air Canada mobile App password with other accounts
You can reset your password by following the prompts when you next log‑in to your Air Canada mobile App, or you may reset your password now or you may also go to https://services.aircanada.com/portal-web/mobile/profile?action=resetpwd&locale=en
For more information
We regret any inconvenience this has caused. If you have questions, please refer to additional information posted on aircanada.com
Senior Vice President, Chief Information Officer
We are vulnerable. Do you have a plan to respond when you are attacked?
While we may be innocent until proven guilty in a court of law, we have a higher burden in the court of public opinion. Social media plays a central role in how we form our opinions on the news and on each other.
Equifax and the SEC are today’s current cyber-disturbance. But what about our food supply. Congress, in 2010, enacted the Food Safety Modernization Act (FSMA). The law drastically updates how our food is regulated. It creates guidelines for food manufacturers and processors to follow in the processing, producing and handling of food, from harvesting to processing, warehousing and distribution. The federal government however, is still trying to figure out how to enforce the FSMA. The most recent rules focus on preventing the intentional adulteration of food in the supply chain.
Today an attack could come from anywhere with the push of a button. We are vulnerable and at risk. But we can prepare and plan to help avoid harm, injury and any damage to our reputation.
It is not a matter if you will be hacked it is a matter of when and am I prepared.In preparing for a crisis around cyber terrorism? know the law and which laws dictate how your company responds and to whom. Know what you want to say and how quickly you will respond after a reach. Know the influencers and key stakeholders to make sure you to not ignore key people in responding to an attack
In difficult times we do not want you to point fingers we need your help in knowing everyone is okay and that everyone will be okay. Then we need to understand what happened and then how it happened and how you are going to prevent a crisis like this from ever happen again.
From toys to medical devices, the world is a more connected place, exposed to hackers and other threats, that can result in serious injury or damage, both physically and to your financially to your reputation. We are naked and exposed and vulnerable to the risks of living in a connected life in the Internet of Things (IoT). While politically fragmented, Friday's attack proves our world is more connected than ever.
Here are 12 Tips For Public Officials To Remember in a Crises.
Before a crisis becomes a crisis, it’s a problem and our government leaders should never ignore a problem -- No matter how big or small.
Accused of a sex crime? Deal with it yourself or loose out in the court of public opinion.
To Defeat A Bully, Take Away Their Ammunition. Politics can be brutal. If you run for office, you should prepared to face your toughest critics and have your dirty laundry aired. As a serious candidate, knowing the bad choices you made, you can pre-empt your opponents attacks by addressing your negatives and turn them into something positive.
Crises happen! Products are recalled, natural disasters strike and scandals pop up more frequently than we would like, but they happen. Other than being prepared for the unexpected, how quickly and meaningfully a company, public official or even a spouse responds will determine how quickly trust is restored and people can move forward from blame to fixing the problem.
Politicians must confront those that disagree with them, just as the protestors are confronting the candidates. They can leverage the protester's comments in their favor and use it to help rally a crowd that is there not to be won over, but there to rally behind the candidate. In fact, the protestor can be used to drive home a point.
If we don't trust those whom we elect why should we trust their spokesperson. According to the 2015 Edelman Trust Barometer, in the US, more people place their trust in business before government. To gain the public's trust and avoid difficult situations like those that have emerged in Flint, Detroit, Baltimore, Cleveland and other cities those that we elect have to start to listen to those they represent and communicate with the people affected directly.
Crisis just don’t just happen, they evolve. Just like hurricanes do not suddenly appear, they are given time to gain momentum or dissipate. A forest fire does not start out as an inferno, it starts out as a brushfire. And a terrorist attack does not just happen, the terrorists plot, plan practice and kill.
Movies are created to share stories, advocate for change and start a conversation about what life is like, can be like or should be like. While the Academy failed to celebrate the rich diversity our movies bring and honor those behind and on the screen, it is providing a forum to discuss diversity and inclusion. But frankly, we are beyond that discussion and Hollywood should be WAY beyond that.
The last thing you want is for a scandal to last more than a day. If it is more than a one-day story that means more stories will be written, more posts will be shared and more often than we like, we will continue to talk about you.