In the increasingly sophisticated world of cybercrime, brands are caught in the crossfires. When a cybersecurity scam dupes customers by purporting to be a bank, insurer or other trusted brand, reputations can suffer from what is an attack by malicious, external hackers. And with cybersecurity becoming a core factor in a brand’s reputation capital, it’s crucial that brands get on the front foot and take responsibility to re-establish trust.
In Sandpiper’s 2022 proprietary study into reputation capital, we found that cybersecurity is an important driver of consumer sentiment towards a brand or organisation. In numerous countries, cybersecurity was a top three factor in every single country surveyed, and the most important factor overall. The countries surveyed were Australia, China, Hong Kong SAR, Indonesia, India, Japan, Malaysia, Philippines, Singapore, Thailand, and Vietnam. Importantly, the cybersecurity statistics show that cybersecurity is the top reputation factor likely to impact consumer behaviour for both the financial services and technology industries. Our study clearly indicates that if your organisation doesn’t have a clear position on cybersecurity crisis management and data security, it is critical to develop one in 2022.
Cybersecurity scams target customers, duping them into handing over passwords or permitting malware to be installed on computers. The results can be disastrous, with McAfee estimating that it costs the world almost $600bn per year, the equivalent of 14% of the worldwide economy.
Recently in Singapore, we’ve seen phishing scams in the headlines with leading organisations suffering the fallout as customers are duped out of millions of dollars. For example, OCBC hit the headlines for being targeted in a high-profile series of attacks that impacted not only the brand, but also cast the spotlight on the robustness of safeguards put in place by the government and telcos. Experts speculated that more could be done to prevent scams with improved cybersecurity and legislation, leaving brands with the responsibility of re-establishing tarnished cybersecurity credentials. When consumers lose trust in the organisation’s ability to protect their private information, long-term damage can result. Consequently, a comprehensive cybersecurity crisis management program is no longer an optional part of your comms strategy — they are an absolute must-have.
Brands wishing to protect themselves from this issue need to be seen as taking a proactive approach to protecting customers. With increasingly sophisticated technology, even savvy customers can be duped, leaving brands in a reputational quagmire.
Recovery starts with being accountable and being transparent. Taking a strategic approach is key to ensuring messaging is consistent and part of a broader reputation management strategy. Paying lip service to solutions is not enough — brands need to demonstrate concrete actions they are taking to prevent future occurrences by investing in cybersecurity crisis management teams, securing expert advice from consultants, appointing in-house task forces to tackle the problem, and so on. From a communications perspective, showing care and concern for customers is paramount. Even though the brand is the victim and suffers a dent in goodwill alongside financial costs of possibly refunding customers who’ve lost funds, it does have the responsibility to work with stakeholders like government and telcos to address this ever-growing problem.
Recovery starts with being accountable and being transparent. Taking a strategic approach is key to ensuring messaging is consistent and part of a broader reputation management strategy.
Prevention is key, so brands need to stay one step ahead with hacks that seem to get more sophisticated year-on-year. From a communications perspective, consider the simple yet powerful CAP model:
Sharing your perspective may be as simple as proactively getting ahead of the story and sharing consistent media briefings on your response as it is rolled out. No one wants to prolong the life of an unwanted news story but demonstrating that you’re on the front foot can prove how seriously you take the matter.
After a cybersecurity scam hits and the initial wave of media interest dies down, a phase of rebuilding reputation can begin over the longer term. This should include:
A strong crisis management plan ensures that should a problem arise, you don’t want the crisis to be the first time consumers hear about your brand or your CEO. Building positive associations by communicating your brand values over the longer term helps establish trust over the long term. Audiences are likely to be more empathetic towards cybersecurity scams if they have already formed a positive association with the brand
You may also like: