Today, major brands are facing a crisis in trust. Amidst public concern over data breaches, incumbent players need to learn how to manage and protect data into the future. Our Director of Digital Strategy Stephen Gillespie looks at how the solution lies in an organisation’s approach to transformative technology. The approach can also drastically improve customer relationships, which is vital for today’s digitally-driven brands.

When we examine requests for proposals that we’ve received in the last few months, security has very rapidly risen to the top of the list of concerns that are driving the need for transformation and platform re-engineering. 

The news that British Airways is facing a record fine of £183m for last year’s breach of its security systems will do nothing to stop this trend. It’s a large sum of money for an organisation to find, even one with the resources of BA. But there are broader implications when news of a data breach hits the headlines. It contributes to a climate of distrust and erodes the relationship we have as consumers with the brands we interact with.

 The UK Information Commissioner, Elizabeth Denham comments: "People's personal data is just that - personal. When an organisation fails to protect it from loss, damage or theft, it is more than an inconvenience”.

The statement was clear and an indication that if customer inconvenience, reputational harm and erosion of customer trust were not good enough reasons, the ICO intends to come down hard on organisations that don’t take sufficient steps to safeguard the data we entrust to them.

It too easy to assume that the issue is just negligence or ineptitude on the part of the team responsible for the software that was breached. Some of these issues are more systemic, and responsibility in many organisations is shared.

In a previous role with responsibility for a global corporate web presence, I participated in periodic budgeting reviews where I was required to robustly defend line items such as software licence costs and professional fees for applying upgrades and patches. I was constantly asked whether costly new IT upgrades were warranted.

The defence when pressed is that an upgrade is not truly an upgrade, it is just standing still. It is restoring your presence to the perceived level of security it was at when it first went live - with all the up-to-date patches and security upgrades applied. The software itself has not changed but the world around it has - and the stakes are higher than ever.

What is new is that those with malicious intent have become smarter and the pool of information available to the hacker has got larger. As the digital world evolves, legacy systems that are unsupported and not receiving investment pose significant risk.

So how can incumbent players start systematically maintaining secure systems that customers can trust? And how can they ensure that their software is tailored to meet their specific security requirements today and in the future? At Made to Engage, we believe they can start by doing three simple things:

  • At the procurement or commissioning stage, choose enterprise software with a strong roadmap and a robust upgrade record from the vendor. This will ensure you can apply updates in a timely and efficiently manner.
  •  Consider that serviced and cloud-based systems may be inherently easier for your organisation to maintain than on-premise and unsupported solutions as you remove the need to upgrade the underlying operating systems.
  • Ensure your organisation budgets for ‘cost of ownership’ requirements including following the prescribed upgrade path.

One of the villains that businesses grapple with (and one that I am glad to say we are seeing less of) is the ‘project mentality’. This is the misconception that once a business has completed a project, the world around it stays still and the issue is solved for the foreseeable future. 

For example, a business may build an ecommerce platform that is wonderfully enabling to the organisation. But security threats evolve as do use patterns, technology and customer requirements. It is foolish to consider complex online systems that your customers interact with as being a capital item that should be purchased and implemented every few years.

Communications and trading channels need to evolve either in response to, or driven by, the evolving world of the consumer. Of course, securing and protecting the personal information given to you by your consumers is just one of these changing scenarios.

An increasing number of our clients are coming to us with the expectation that the initial transformational program is the first step. But industry leaders that want to thrive long-term will need to keep pace by making regular updates that not only defend the security of the organisation. It’s not just about ensuring compliance with regulation, but also about ensuring that you remain relevant in a digital world that is constantly shifting. When employed pragmatically, the measures outlined by us above will enable brands to enhance security, win customer trust and stay relevant to their consumers.

To discover more about how our partnership with Made to Engage and Episerver can help your business to enhance data security and develop lasting trust with customers, contact us here.