Close this search box.
Close this search box.

How Secure Is Your Data? And 3 Steps To Take if You Think You Are Vulnerable to a Breach

They are the brands you trust with some of your most intimate information, emails, images, and documents; but are they worthy of your trust? Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube and Apple are battling to keep that trust in the wake of disclosures that the government was given access to their customers' data online via the Prism program operated by the National Security Agency (NSA).

All the companies involved vigorously deny giving the Obama administration access to their users’ data, but the current and potential damage to their brand reputation has left these corporations scrambling for responses that satisfy not only shareholders, but stakeholders.

Viktor Mayer-Schonberger, professor of internet governance and regulation at the Oxford Internet Institute, sums up the scope of the collective data breach saying, “These companies depend on their users being sufficiently trusting to give them personal data. Many of us are perfectly fine for these companies to use this information for their own commercial benefit, to place more relevant adverts on the right hand side, but we do not want it passed on to the government or to tax authorities for instance.”

Revelations about the NSA’s accumulation of citizens personal information has raised our collective awareness of data security. We assumed that our personal information was safe and secure, we no longer can. In business, there can be no assumptions regarding data security. Corporate data breaches are, in fact, growing at an alarming rate. The Open Security Foundation working in conjunction with Javelin Strategy & Research reports an all-time high of 1,611 breaches in 2012, representing a 48% increase over 2011. What do those numbers mean in terms of dollars? A recent study by the Ponemon Institute shows that the organizational cost per data breach stands at $5.4 million and the cost per record is $188. Thus, chief executives and business owners must treat the issue as though their companies, and the data they hold, are continuously under attack.

How do organizations across the economic spectrum treat the issue of data security? What are the right moves to keep data safe and secure and what may be done to avoid the costs (both monetary and social) of a security breach?

Writing in the Harvard Business Review, Robert Plant, associate professor of computer information systems at the University of Miami School of Business Administration, says executives must understand four basic points about security:

  • A well-executed data breach is potentially more dangerous to your business than a recession.
  • Cybercrime isn’t someone else’s problem; it’s your problem.
  • Just because you haven’t heard your C-suite peers at other firms talk of security breaches doesn’t mean they’re not happening, nor does the fact that you haven’t found anything in your systems mean you’re safe.
  • You probably don’t understand where your data is.

The takeaway is that any business can be a target. Breaches can, do and will occur in organizations of all sizes and across a large number of industries. Old excuses like “we’re too small to be a target,” or “we just implemented new antivirus software and firewalls,” are no longer acceptable.

In addition to the financial repercussions of a data breach is the social impact. Data breaches not only tarnish a company’s hard earned reputation, they violate people’s trust. Chief executives must accept that reputation has quantitative value. It is just as material to the company’s bottom line as inventory, receivables, real estate or any other balance sheet asset.

What should a chief executive do about the inevitable data breach? In a word, prepare. A logical first step is putting a team in place to plan a response that meets not only the legal standard, but obligations to clients and business partners. The team may include data security personnel, legal counsel, as well as a communications expert. Once a blueprint is formulated, the team should meet at least twice a year to conduct drills, just as other teams prepare for physical risks like weather emergencies or fire drills.

Experts cite says three different tasks that businesses must consider when evaluating readiness to meet a data breach:

Vulnerability Assessment:

Inspect all the ways that data moves in and out of your company, from laptops and thumb drives to cloud storage and customer portals. The vulnerability assessment also needs to look beyond your company to your contractors, and subcontractors. If you share data and systems with any of them, your operations are at risk.


Encrypting files and restricting access to data are good starting points, as is a “remote kill” option that will let a security team wipe out data on a laptop that has gone missing. Your response should also consider the need to quarantine areas of your data network or shut down entire systems.

Communicating the Aftermath:

Any plan must take communications into account. When planning a response, experts advise factoring in how many records were affected and what level of data was exposed. You need to understand the legal ramifications and how you might fare in the court of public opinion if

you handle the breach incorrectly. Remember that you can’t eat your words once they’re in the public domain.

Data breaches and cyber security recently topped the agenda of the summit between President Obama and Chinese President Xi Jinping. Although U.S. officials have accused the Chinese government of being behind a series of attacks designed to steal trade secrets and potentially disable computers that operate banks, power grids and telecommunications systems; Xi flatly rejected the charges saying that his nation was also a victim of such acts and called for cooperation on the issue.

Chief executives, and the companies they manage, must treat security and the threats of data breaches seriously and take the necessary steps to harden their defenses. No panacea exists that will prevent data breaches and deterring such incidents is a never ending task. Cyber security cannot be delegated to the IT department or the CISO, it is a company wide effort that begins and ends in the corner office.

Read: –




Read: –


  • Get the CEO Briefing

    Sign up today to get weekly access to the latest issues affecting CEOs in every industry
  • upcoming events


    Strategic Planning Workshop

    1:00 - 5:00 pm

    Over 70% of Executives Surveyed Agree: Many Strategic Planning Efforts Lack Systematic Approach Tips for Enhancing Your Strategic Planning Process

    Executives expressed frustration with their current strategic planning process. Issues include:

    1. Lack of systematic approach (70%)
    2. Laundry lists without prioritization (68%)
    3. Decisions based on personalities rather than facts and information (65%)


    Steve Rutan and Denise Harrison have put together an afternoon workshop that will provide the tools you need to address these concerns.  They have worked with hundreds of executives to develop a systematic approach that will enable your team to make better decisions during strategic planning.  Steve and Denise will walk you through exercises for prioritizing your lists and steps that will reset and reinvigorate your process.  This will be a hands-on workshop that will enable you to think about your business as you use the tools that are being presented.  If you are ready for a Strategic Planning tune-up, select this workshop in your registration form.  The additional fee of $695 will be added to your total.

    To sign up, select this option in your registration form. Additional fee of $695 will be added to your total.

    New York, NY: ​​​Chief Executive's Corporate Citizenship Awards 2017

    Women in Leadership Seminar and Peer Discussion

    2:00 - 5:00 pm

    Female leaders face the same issues all leaders do, but they often face additional challenges too. In this peer session, we will facilitate a discussion of best practices and how to overcome common barriers to help women leaders be more effective within and outside their organizations. 

    Limited space available.

    To sign up, select this option in your registration form. Additional fee of $495 will be added to your total.

    Golf Outing

    10:30 - 5:00 pm
    General’s Retreat at Hermitage Golf Course
    Sponsored by UBS

    General’s Retreat, built in 1986 with architect Gary Roger Baird, has been voted the “Best Golf Course in Nashville” and is a “must play” when visiting the Nashville, Tennessee area. With the beautiful setting along the Cumberland River, golfers of all capabilities will thoroughly enjoy the golf, scenery and hospitality.

    The golf outing fee includes transportation to and from the hotel, greens/cart fees, use of practice facilities, and boxed lunch. The bus will leave the hotel at 10:30 am for a noon shotgun start and return to the hotel after the cocktail reception following the completion of the round.

    To sign up, select this option in your registration form. Additional fee of $295 will be added to your total.