Intelligent CISO Issue 90 | Page 19

SECURE horizons

By Benjamin Leitch, our CXO Cyberconnections and Digital Content Manager
In this column, we’ll be discussing key issues for CISOs and their teams – from AI to wellbeing and from Zero Trust to communication.
If you’d like to get in touch, email ben.leitch@intelligentglobalmedia.com

WHY CUSTOMERS CAN FORGIVE HACKS, BUT NOT LIES

When Jaguar Land Rover was forced to shut down its factories after a cyberattack, the company quickly moved to reassure the public. There was “no evidence” that customer data had been compromised. Days later, the story shifted and “some data” had in fact been affected. At first glance this may look like the natural messiness of an ongoing investigation, but to the outside world it felt like a contradiction.

An often overlooked form of subsequent damage from a cyberattack, if it is mismanaged, is the erosion of trust. Customers, suppliers and partners expect breaches to happen in today’s interconnected economy; what they do not expect is to be misled about them. Once confidence falters, it rarely returns. People can forgive being victims of an attack, but they do not forgive being treated as expendable in the narrative that follows.

There is a temptation in the boardroom to be reassuring at all costs, to downplay the extent of a breach until the facts are clearer. But that instinct often backfires. An initial statement that minimises the problem creates a benchmark against which all later disclosures are judged. If reality turns out to be worse, the company is seen as evasive, even dishonest, regardless of whether it was simply premature optimism. What could have been framed as an evolving investigation instead reads as a cover-up.

The consequences stretch well beyond public relations. Regulators look dimly on companies that appear to mislead or delay. Under UK GDPR, fines can run into the millions if authorities believe customers were not adequately informed. Investors, too, punish not just the breach but the credibility gap. Markets react as much to trustworthiness as to technical resilience.

And then there are the partners and suppliers, the thousands of businesses that orbit a company like JLR. Many of them will be bound by contracts that depend on accurate information being shared in a timely way. If they discover that data relevant to their operations was compromised after being told it was not, faith in the relationship is shaken. In tightly woven supply chains, where cooperation and long-term reliability matter more than short-term profit, that kind of breach of trust lingers.

While JLR have toed the line, the next company may cross it. The lesson from Jaguar’s experience is stark – you can recover production; you can repair systems; you can patch vulnerabilities. But you cannot recover from a reputation of dishonesty. The only choice for organisations facing a breach is whether they reveal it on their own terms or have it revealed for them. One path may sting in the moment; the other corrodes over time.