It’s no longer a question of whether a company will be hacked, it’s when, said Richard Levick, founder and CEO of communications firm LEVICK.
The tools needed to hack a company are getting cheaper and easier, creating more opportunities for attacks, he said. The hackers responsible for the attacks on the Democratic National Committee in the summer of 2016 “used unsophisticated tools that are freely available on the internet,” he told What’s Working in Washington.
“First and foremost, companies need to be looking at their servers,” Levick said, stressing that you get what you pay for with cheap servers. “You want a server that only serves you, that’s your first line of defense,” he said.
He added that businesses should integrate their communications teams with their security teams. While IT professionals have their own priorities and way of working, it’s important to put these teams together to keep them thinking about the company’s overall brand, customers, and user experience.
Once hacked, though, companies should be thinking about the message the company will deliver after an attack, said Levick.
Companies “need to be reducing those communications not only to the long form but also to 140 characters,” as they dialogue by Twitter because of the speed of communications, he said.
Getting the most essential information out in a timely fashion is crucial to mitigate damage to customers. Customers are starting to have higher standards for security and compensation for having been hacked.
“Studies are showing that customers are increasingly demanding more. They … want cash or free product to make up for their inconvenience,” Levick said.
While current breaches are just major inconveniences, future ones could be very dangerous, Levick said.
“So far, data breaches are about our information. And as volatile as that is, it is not yet life-threatening,” he said. Hospitals, bank accounts, and other places that help people live could be targeted.
“We’re already seeing the first lawsuit against a law firm, Johnson and Bell, because its information was hacked…customers and the plaintiffs bars are starting to get more sophisticated in saying, ‘you’re not just a victim. You’re responsible’,” said Levick.