Cybersecurity & Brand Reputation

The management of technological vulnerabilities passes not just through technical and technological aspects, but – today more than ever – by reputational tracks. It is the great uncertainty on how to govern one’s own Brand Reputation under Data Breach conditions that often drives companies – which have suffered from data breach – to implement more than just a strategic strategy.

Spencer & Lewis offers its customers full support, thanks to an internal Cybersecurity team able to identify the points of technological weakness and manage the aspects related to Brand Reputation. The Legal Team, instead, guarantees the right legal support in the light of the Gdpr, the new regulation for data protection that will come into force in May 2018.

In recent years, more and more companies have decided to outsource the management of data in the cloud, reducing the costs of the technological and personnel infrastructure by modifying the procedures and the habits with which the same infrastructures were managed. Delegating data management to outsourcing, companies have also preferred to delegate responsibility for the data themselves, creating points of vulnerability.

The Cybersecurity team is led by industry professionals able to support the customer from a technological point of view. Through a structured “Penetration Test” method it is possible to identify possible weaknesses and vulnerabilities, performing procedures and habits.

Many companies do not consider the strategic importance of protecting brand reputation until they actually suffer a Data Breach. Only when there is a problem, they understand the need to protect their image.

It is necessary to have a clear action strategy. Prepare the ground. Define a methodology and related methods of implementation. Prepare management, from spokesperson to C-level managers. Align the legal area with respect to legislation and management of the media implications.

Spencer & Lewis is able to offer, thanks to its team of specialists in Crisis Communication, preparedness plans aimed at the governability of any threats and possible opportunities.

In May 2018, Gdpr (General Data Protection Regulation – Regolamento UE 2016/679), the new regulation for data protection, which will foresee high fines up to 5% of turnover for all companies that do not adequately protect the data of their customers and suppliers, will enter into force in the European Union.

The legislation will make it mandatory to promptly report any IT intrusion, so as to give users the opportunity to take cover and decide how best to protect their rights.