Business

How to rebuild trust after a cybersecurity breach

Trust is an irreplaceable commodity in cybersecurity.

Trust is an irreplaceable commodity in cybersecurity. Image: Getty Images/iStockphoto

Rupal Hollenbeck
President, Check Point Software Technologies
Share:
Our Impact
What's the World Economic Forum doing to accelerate action on Business?
The Big Picture
Explore and monitor how Cybersecurity is affecting economies, industries and global issues
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
Stay up to date:

Cybersecurity

This article is part of: World Economic Forum Annual Meeting
  • With cyberattacks rising and trust in institutions declining, having a cybersecurity resilience plan is essential for business.
  • Consolidating fragmented cybersecurity systems is the key preventative strategy.
  • Strong communications with customers is equally important in the aftermath to re-establish trust.

The last several years have fundamentally changed the way we live and work. The shift to remote and hybrid work has produced significant disruption, which in turn has led to technology innovation. This enabled people to connect to their workplaces and stay productive from outside the traditional security perimeter through new platform tools, workforce collaboration solutions, internal messaging integrations, remote training and more.

At the height of this innovation, however, collective trust in institutions experienced decline. In 2019, approximately 64% of respondents indicated a degree of trust in big business, according to Gallup. By 2023, that had declined by eight percentage points, while the share of people expressing very little or no trust at all in big business jumped seven percentage points to 43%.

Rebuilding trust has been a priority for companies everywhere, but there are notable headwinds slowing this process down. Unfortunately, we get news of security breaches at major institutions with alarming regularity. It’s no wonder that in this threat environment, businesses are struggling to rebuild trust with their customers. Naturally, this involves establishing a strong, proactive and preventative cybersecurity posture. It also means developing a resilience plan for when a cybersecurity incident occurs to limit the impact from a technical, organizational and financial point of view.

Discover

How is the Forum tackling global cybersecurity challenges?

Before it happens

The first and most important element is to focus on prevention. Consolidation is the best way to achieve this. Industry did well to produce the innovation the market needed to facilitate the first phase of the rapid transition to cloud, but we’ve matured past these products’ ability to provide comprehensive protection. Most companies have adopted a host of point products to execute different kinds of business. This has produced sprawling, inadequately secured networks. It’s a patchwork system, and organizations as a result end up with patchwork coverage incapable of evolving with the company, all while paying a premium by dealing with multiple vendors. And threat actors have taken notice. The number of data breaches experienced in private industry has more than doubled since 2019, according to Verizon’s Data Breach Incident Report.

Executives understand this: Research from Gartner shows 75% of organizations are consolidating security vendors, up from 29% in 2020. Secure access service edge (SASE) and extended detection and response (XDR) technologies are a good starting point for the consolidation journey, as these solutions secure access for distributed users and enable teams to detect and respond to threats, respectively. Most importantly, these solutions are designed not only to respond to threats, but identify and prevent them from turning into breaches. When deployed in a consolidated platform with complete interoperability with the rest of the security suite, they offer greater visibility and security by transforming the toolset into a proactive, prevention-oriented program, limiting the potential fallout from a breach before it even happens. When a security incident does occur, customers can be confident that the systems are in place to limit how much damage an intruder can do, which in turn lays a foundation to rebuild trust for the future.

When it happens

While a strong security posture can prevent the worst outcomes, threat actors only need to get lucky once. No organization is completely immune to breach. The damage from these incidents can range from monetary damages to broad loss of confidence in the company’s ability to do business safely. How does a company rebuild trust after this kind of unauthorized access?

First, you need to limit the damage. That’s why the first step to rebuilding trust is a proactive one: Build a consolidated, prevention-focused security posture, and you’ll be able to limit the fallout. If you’re unable to do so before an incident, it should be the first objective after restoring business operations. Customers will need to know that prevention is your first priority.

The key to rebuilding trust over time is to communicate. The company must demonstrate that they are acting according to a cohesive strategy. This will always include appropriate disclosures. Prompt and transparent disclosure of a breach is important, and most jurisdictions require one to be made “without unreasonable delay”, so there’s a compliance element to this. Beyond that, it enables the appropriate parties to take action to protect themselves or even help develop a fix.

Special communications should go to customers. If continuity of operations has been interrupted, provide a timeline that the company can stick to, if possible. Alert customers to their own potential exposure, and provide the tools to remediate as soon as they’re available.

Have you read?

Your external communications – whether that’s in the press, social media or on the company blog – must be informational, action-oriented and clear about the scope of the damage. Most importantly, these communications must highlight what the company has done to address the breach, how this fits into a broader strategy, and why a similar incident won’t compromise them in the future. Avoid taking a defensive posture, and instead approach the situation as partners.

Essentially, responding to a breach is about people, process and technology in that order. Make sure the people impacted are in the loop with consistent and clear communications first and foremost. Identify and fix process and technology failures during remediation.

Confidence is key for cybersecurity

Ultimately, there is no replacement in modern business for building a prevention-focused cybersecurity posture. A company that fails to prioritize cybersecurity is a soft target for threat actors of all stripes. Trust requires confidence that your partner is acting to protect your mutual interests, and that means investing in consolidated cybersecurity that evolves along with your business and, crucially, the threat environment.

Be prompt and transparent in your disclosures and communications – delays expand the window for additional damage and obfuscation degrades customer and public trust in the statements you do make. You must give customers and the public good reasons to trust you. Building trust takes time, and there’s no substitute for a track record. As a result, strong, consolidated cybersecurity is already serving as a differentiator.

Loading...
Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

Related topics:
BusinessForum InstitutionalCybersecurity
Share:
World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

Tourism is bouncing back - but can we make travel sustainable?

Robin Pomeroy and Sophia Akram

May 23, 2024

About Us

Events

Media

Partners & Members

  • Join Us

Language Editions

Privacy Policy & Terms of Service

© 2024 World Economic Forum