This is a creative blog post from the perspective of the Chief Technology Officer (CTO) of ABC Inc. (theoretical company) right after a data attack. The purpose of this post is to practice leadership in a crisis situation. By assuring "customers" that ABC's systems have be restored and publically illustrating the additional data security measures have have been implemented, I hope to build trust and rapport despite the difficult scenario.
A Message to Our Valued Customers,
As you may have already heard, at 2:30AM on January 20, criminals launched an attack on ABC’s servers in a China facility. The attack was a result of a software glitch that caused our systems to be vulnerable to a certain type of malware. We are still working to assess the exact scale and scope of the attack, but we anticipate that names and credit card information for about 1,000,000 customers has been compromised.
We’re deeply sorry for not living up to our responsibility to protect your data. Our customers deserve better. We believe that personal data ought to remain secure in every way possible. ABC is committed to paving a path of excellence moving forward.
Since the attack, ABC CEO Elene Fink and I have worked with dozens of data privacy experts to craft a long-term solution. The result is ABC’s Data Privacy Target, which will serve as our privacy policy effective immediately.
Our Core Belief
At the very center of our target is our deeply seeded belief that data is profoundly personal, and privacy should be protected as a human right. Our customers’ identity is central to who they are. It has always been our mission to advance the highest standards of human rights and dignity across all divisions of ABC Inc.. And that mission now extends to the way we handle your personal information.
Why we Care about Protecting Privacy
We care about protecting your data. We understand that intimate relationships are only possible when you feel secure, and that includes safeguarding personal information. We wish to remain the industry’s leading company for honesty, integrity, and authenticity, and we’re devoted to gaining back your trust. For many years, ABC has provided excellent customer service at an affordable price. We’re committed to bringing that same level of excellence to our online customers. Put simply, ABC cares about protecting your data because we care about you.
The Pathway to Enhanced Privacy
ABC has identified seven actionable goals to help create the necessary conditions for data security. This includes practices like investing in infrastructure, ensuring zero data breaches, and eliminating software bugs as soon as they become known. But we didn’t stop there. We understand that there is more we can do to not only protect your data, but limit its collection in the first place. With tremendous care, we have created an independent oversight board that will audit our data collection practices and report the findings of such investigations in our annual data privacy report. We want our customers to know the steps we’ve been taking to ensure their security. Within the information technology division, my team is working to develop an online portal in which customers can easily see, modify, and delete data pertaining to themselves or their online orders. We acknowledge and respect our customers’ decision to erase their data from our servers at any time and for any reason.
Please take this letter as an indication of our tireless work to improve our information technology practices and secure our customers’ data. As a customer of ABC myself, I share your concerns. The worry of having my personal information available publicly as a result of the hack has been deeply disturbing. I stand with you.
The leadership team at ABC wants nothing more than earn back the confidence our customers have placed in us since 1999. We are determined to make things right by you.
Sincerely,
Ryan Bailis
CTO ABC Inc.