This article is an extract from Transmission Private’s monthly newsletter, The Lede, which tracks the world of reputation management for private clients. You can sign up for the newsletter on our website via the tab at the bottom of this article or by completing the form here.
Hackers aren’t the only ones who can steal or reveal your personal data. The web lit up last week to news that a whistleblower had leaked the details of 18,000 accounts at Credit Suisse to a consortium of investigative journalists. The whistleblower argued that the famed Swiss banking laws were “immoral” and that the bank had failed in its due diligence to weed out dirty money.
There’s nothing illegal about having a bank account. No, there’s not. But the Suisse Secrets leak is a salutary tale of reputation damage by association. While the press reports acknowledged that most account holders were not involved in money laundering or tax evasion, it’s hard not to get tarnished when you’re grouped with human traffickers, dictators and drug lords. Between the lines, the message was that if you’ve done nothing wrong, you’ve no reason to hide your money in a Swiss bank.
That seems rather unfair. Yes, but the court of public opinion has never been fair. Even if a leak doesn’t connect you to dubious actors, it can still harm your reputation among key stakeholders. So much of success in business depends on credibility and trustworthiness. Potential business partners who don’t fancy finding their private dealings featured in an exposé may think twice before knocking on your door. The fact that it wasn’t your fault isn’t really the point.
What can we do to keep our data private? You can - and should - follow all the sound principles of data security, but there’s no firewall that can protect you from a whistleblower, particularly one working at a third party organisation that holds your confidential personal or business information. More to the point, it’s no longer safe to assume that your data will stay private - you need to prepare for when it gets out.
How do we do that? Wargame your response to a leak before it happens, so that when it does you’re not caught off guard.
- Audit your reputational risks. What would happen if your family and business secrets were made public? How would things look to the outside?
- Now start thinking about how you would explain them. What is the narrative for why you did business with person X, or why you set your holding company up in an offshore financial centre?
- Build up your profile and credibility among key stakeholders. Be open about impact investments for example, and identify certain topics that you’re comfortable speaking about at select events. The more you are known, the less likely any leak will be taken out of context.
Takeaway... Think about data security more widely than just cyber defences, and stop assuming that what’s private will stay private. It’s best to be prepared.