“We were extremely disappointed when we determined that we have suffered an unauthorized intrusion into our computer systems that process and store information related to customer transactions… I can assure you that we are taking steps to safeguard confidential information.”
So read an open letter to customers, posted recently on the corporate Web site, from Ben Cammarata, Chairman and Acting CEO, The TJX Companies Inc., best known in Canada for its Winners and HomeSense stores.
It was the dreaded scenario for every CIO – a massive security breach exposing sensitive customer information. At press time, the full scope of the breach was still undetermined – possibly extending to Canadian customers – and already customer accounts had been raided by the hackers.
The unfortunate reality of this story is that it could happen to any CIO. With tremendous amounts of customer information residing throughout the organization in myriad forms and on a variety of devices, the task of securing all customer information and encrypting anything that could be considered sensitive is overwhelming in size and prohibitive in cost.
A major security breach can be a career-ending event for the CIO. But apart from leaping off a tall building in a single bound, do you have any idea of how you would react to such a catastrophe? One thing is certain, when you’re caught up in the whirlwind, you won’t have time to plan your strategy.
That’s why you’d do well to treat this type of disaster like any other you prepare for. By walking yourself through a couple of worst-case scenarios you can at least make sure you’ve got your ducks in a row when it comes to making your case for the due diligence you’ve applied to security matters.
You might also want to follow the lead of many top corporate executives – take some personal PR coaching. Find out what to say and how to conduct yourself in the event of such a disaster – especially if there’s a chance you’ll be speaking to the press. The way you comport yourself during this difficult period may go a long way in determining your future career.
Finally, when things look their darkest and your career is hanging by a thread, remember the golden rule when it comes to disaster management: blame Hadley.
Talk to me